No announcement yet.

Linux 5.6 Is Looking Like It Will Be Spectacular With A Long List Of Features

  • Filter
  • Time
  • Show
Clear All
new posts

  • #21
    Originally posted by Neraxa View Post
    Filesystem related things on Linux have long been a mess, full of half assed solutions and disclaimers like "we know its broken, and we don't care", or, "you can't do it the way you want, you can only do it this way, even though it does not work well for you". For many users, having encryption done above the filesystem is far preferable, since encrypting everything at the block layer is overkill. Most people don't need /usr/bin encrypted. Talking about needless performance degradation. So the idea that this is the only well supported way to have encryption is retarded. A lot of people just want per directory encryption, and they want it to be secure, reliable and robust. Reading the documentation for the kernels ecryptfs solution gives you the impression that no one cares about it, and the kernel people don't like it that you are using it. and the idea that people should encrypt /usr/bin and everything is absurd. Encrypting at block layer is what many people do not want. But for no good reason, kernel people think you should have to encrypt everything at the block layer. There is no technical reason, encryption above filesystem can be perfectly robust, no excuses.
    Well.. actually with new self-encrypting SSDs and sedutil I solve many of these issues