Rather than dumping encryption (which does have plenty value on a mobile desktop system), you could create the users' web dirs outside $HOME and ln or even mount-bind them in so users see the directory where they expect but it's not encrypted...
I know I'm stating the obvious and it's not totally secure.. but it is *more secure* than dumping encryption fully... And probably more secure than giving your server the keys to your $HOME.
_______________________________________________ Cherokee mailing list [email protected] http://lists.octality.com/listinfo/cherokee
