On Sat, Jan 26, 2008 at 17:35:02 -0500, lanas <lanas@xxxxxxxxxxxxx> wrote: > On Saturday, 26 January 2008 13:18:20 -0600, > Bruno Wolff III <bruno@xxxxxxxx> wrote : > > > If the answer to the above question is because he doesn't want the > > encrypted drive mounted all of the time, then it would be useful to > > hear what the threat model is that produces that requirement. > > Simply to leave the backups alone. The only 'threat' would be that > inadvertently a user could mess with the files on the backup drive. How? The file system should be mounted in such a way that only the backup user and root have access. (Even if you don't take Alan's advice.) Other users shouldn't be able to mess with it even though it is mounted.