In an effort to secure my system without degrading performance too much, I've created an encrypted disk, then moved various directories onto that disk, with softlinks from the original disk to there. So, for example, I have stuff like this:
/home -> /crypted/home /var/mail -> /crypted/var/mail My question is... is that safe to do? Does the link compromise inode information about the encrypted disk, for instance? I've never seen anyone mentioning this, but I don't think I've heard anything against it either, and it's a nice solution to implement. Also, currently, this encrypted disk asks for a password at boot time (I'm using loop-aes), and simply doesn't mount if the password is wrong. Is there some way to make the system fail to boot if aes-loop's password validation fails? Or, at least, how do I stop files being written under the mount point, if it's not actually mounted? Can I just fully write-protect the mount point, and then have that overridden when a disk is mounted on top? Finally, I'm using aes-loop because I read that dm-crypt has vulnerabilities over loop, and aes-loop is superior. Is that still the case? Thanks -- Lee. Please do not CC replies directly to me. I'll read them on the list. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
