On Sun, Dec 21, 2008 at 09:46:30PM +0100, Ralf Ertzinger wrote:
Hi.
On Sun, 21 Dec 2008 20:15:23 +0000, Richard W.M. Jones wrote
The other reason to _not_ encrypt the system directories is so that system files can be easily mmapped into memory.
How would encrypting the system directories prevent you from doing that?
Yes, I'm wrong about this. I thought the ESSIV scheme used made it so that you couldn't just decrypt an arbitrary block (without decrypting previous blocks), but that's not actually the case.
Rich.