]] "Lauri Alanko" > By default, updatedb.mlocate traverses users' home directories. In a > setup where home directories (and swap) are encrypted, but for > performance reasons the rest of the system isn't, this means that if > updatedb.mlocate is run while a user is logged in and her home directory > is mounted, then the names of the files under the encrypted home are > stored unencrypted under /var/lib/mlocate, which makes them more > vulnerable if the hardware gets compromised.
If you encrypt your ~, or as you say, try to build a secure system, you should really encrypt the whole system or you'll easily end up leaking temporary files in /tmp, various settings in /var and /etc and so on. -- Tollef Fog Heen UNIX is user friendly, it's just picky about who its friends are -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
