Question Re Encrypted File Systems
I've been looking into encrypted file systems over the last few weeks, exploring their deployment in our work environment. It seems to me that they are only really useful for removable file systems. Suppose that I setup an encrypted file system, but it loads on boot via fstab or some other method. If my system is compromised and the volume is already mounted, what difference does it make? I suppose there is an advantage in terms of physical security in that if the physcal disk were stolen it wouldn't be readable by simply plugging into another system. Am I missing something here or am I on target?