On Mon, 3 Jul 2017 00:42:52 +0200, Alessandro wrote in message
<20170703004252.748a9c7f@ayu>:
> Il giorno Wed, 28 Jun 2017 19:38:11 +0200
> Didier Kryn <kryn@???> ha scritto:
>
> > Le 28/06/2017 à 15:40, Stephan Seitz a écrit :
> > > And today you should always encrypt your discs.
> >
> > I don't see any reason to encrypt /usr. You might like to
> > encrypt /etc because it contains user names and (already encrypted)
> > passwords. But definitely there is no reason to encrypt everything.
>
> Valid reasons to encrypt /usr include:
>
> 1) /usr resides on the same partition as / and/or /home (trivial
> case); 2) protecting its files from being tampered with when the
> device is offline;
> 3) making harder to someone who can access your
> offline HD understand which partition is /, or /usr or /home, so that
> the attacker will have to try to decrypt them all;
> 4) you put stuff in /usr/local that might contain
> keys/passwords/sensitive information that would better be kept
> protected.
..if you wanna protect /usr/local, chop that off /usr and
encrypt, mount etc them all as you damned please.
--
..med vennlig hilsen = with Kind Regards from Arnt Karlsen
...with a number of polar bear hunters in his ancestry...
Scenarios always come in sets of three:
best case, worst case, and just in case.