Comment # 1 on bug 1210264 from 
First of all, this is clearly a feature request, not a bug.

Why do you think dividing up the root filesystem into an encrypted and an
unencrypted part would save any disk space? It only makes things more
complicated; a LOT more complicated, actually.

Any miniscule performance gain by not needing to decrypt every disk block while
reading would immediately be out the window by the need to constantly check
everything while reading, as you suggest.

You can already verify individual or all software packages with "rpm --verify"
(see "man rpm" for more details) if you want to do this every now and then.
Doing it all the time would be a huge performance drain. That's basically
combining all the disadvantages of an unencrypted filesystem and an encrypted
filesystem into one.

You are receiving this mail because: