[arch-general] partition sizes and filesystems (Re: Install Arch in stages?)
Heiko Baums
lists at baums-on-web.de
Fri Dec 9 20:27:41 EST 2011
Am Sat, 10 Dec 2011 01:25:16 +0100
schrieb Karol Babioch <karol at babioch.de>:
> Well that sounds a little bit misguiding for me. Once the device is
> "opened" its totally transparent, so not only the kernel has access to
> the data, but also any other running process / program. Of course the
> "normal" file permissions are applied, but from the point of view of a
> program, which accesses the filesystem on a high(er) level of
> abstraction there is totally no difference whether the underlying
> device is encrypted or not.
I'm, of course, speaking of offline attacks. LUKS doesn't protect
against online attacks. Which encryption you use depends on the
particular use case. For really sensitive data it's best to using both,
GnuPG and LUKS.
Heiko
More information about the arch-general
mailing list