[ltp] Re: Suspend with crypted swap?

Stefan Monnier linux-thinkpad@linux-thinkpad.org
Fri, 07 Sep 2007 17:00:20 -0400


> ... because none of the information in / is really a secret, except the
> aforementioned partitions. There is of course stuff like /etc/shadow and
> /etc/wpa_supplicant.conf (but it can be moved to an encrypted partition),
> but other than that, what is in cleartext in / that is NOT located on the
> partitions above?

Actually /var may also contain sensitive info in /var/tmp and maybe a few
other places.  I guess if you said that /usr doesn't need to be encrypted
everybody would agree.  By pushing it up to / you end up having to be a lot
more careful (e.g. if you move /etc/shadow to an encrypted partition and
replace it with a symlink, you have to be extra careful that it doesn't get
moved back to the non-encrypted one by a simple "move&copy").


        Stefan
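
The symlink pitfall described in the message above, as an added example that is not part of the original post: a check that a sensitive file is still a symlink resolving into the encrypted partition, run against a constructed temporary tree that reproduces the rewrite-by-rename case. The function names and directory layout are assumptions made for illustration, and `readlink -f` is assumed to be available (GNU coreutils or BusyBox).

```shell
#!/bin/sh
# Added example: function names and paths are hypothetical, not from the thread.

# on_encrypted PATH ENC_ROOT
# Returns 0 only if PATH is a symlink whose fully resolved target exists
# and lies under ENC_ROOT; otherwise prints a reason and returns 1.
on_encrypted() {
    path=$1
    enc_root=$(readlink -f -- "$2") || return 1
    if [ ! -L "$path" ]; then
        echo "FAIL $path: not a symlink, data is on the cleartext filesystem"
        return 1
    fi
    if [ ! -e "$path" ]; then
        echo "FAIL $path: dangling symlink (encrypted partition not mounted?)"
        return 1
    fi
    target=$(readlink -f -- "$path") || return 1
    case $target in
        "$enc_root"/*) echo "OK   $path -> $target"; return 0 ;;
        *) echo "FAIL $path: resolves to $target, outside $enc_root"; return 1 ;;
    esac
}

# demo: builds a constructed tree in a temp dir, checks it, then rewrites
# the file the way many tools do (write a new copy, rename it over the old
# name) and checks again. The last output line summarises both results.
demo() {
    tmp=$(mktemp -d) || return 1
    mkdir -p "$tmp/root/etc" "$tmp/crypt/etc"
    echo 'root:CONSTRUCTED-SAMPLE:::::::' > "$tmp/crypt/etc/shadow"
    ln -s "$tmp/crypt/etc/shadow" "$tmp/root/etc/shadow"
    on_encrypted "$tmp/root/etc/shadow" "$tmp/crypt" && before=0 || before=1
    # cp follows the link and writes cleartext; mv then replaces the
    # symlink itself, so the secret now sits on the unencrypted side.
    cp "$tmp/root/etc/shadow" "$tmp/root/etc/shadow.new"
    mv "$tmp/root/etc/shadow.new" "$tmp/root/etc/shadow"
    on_encrypted "$tmp/root/etc/shadow" "$tmp/crypt" && after=0 || after=1
    rm -rf "$tmp"
    echo "before=$before after=$after"
}

demo
```

On a real system the same function could be run periodically against each relocated file, with the encrypted mount point as the second argument.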