I have been using full-disk encryption for some time on Linux with good success, but the additional layer of complexity that it adds is something I'd like to avoid, e.g. backup/system restore complexity, lack of TRIM support for an SSD, etc. Ideally, I'd just encrypt each directory (such as 'Documents') that contains sensitive data.
As a single-user machine, I'm not particularly worried about 'root' seeing the mounted data. I'm only worried about someone breaking in and walking off with the hardware and having access to the data.
The machine in question has 16 GB of RAM and is running a solid-state drive so I have no swap partition whatsoever. If an application has nowhere to swap, generally I shouldn't have to worry about it writing to some unprotected/unencrypted location.
My question is if I should worry about other directories where an application may decide to temporarily store files. For example, should I bother trying to encrypt the '/tmp' directory?
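
One way to check the two assumptions in the question above (no active swap, and what actually backs '/tmp'), as an added example that is not part of the original post. The function names and the extra directories `/var/tmp` and `~/.cache` are assumptions chosen for illustration; the question itself names only `/tmp`.

```shell
#!/bin/sh
# Added example: check the two assumptions in the question on a live system.
# Functions take an optional file so they can run on constructed samples.

# Print active swap devices from a /proc/swaps-format file (line 1 is a header).
swap_devices() {
    awk 'NR > 1 && NF { print $1 }' "${1:-/proc/swaps}"
}

# Print "device mountpoint fstype" for the mount holding DIR ($1).
# The longest matching mount point wins; a later entry overrides on a tie.
backing_mount() {
    awk -v dir="$1" '
        {
            mp = $2
            if (mp == "/") covers = 1
            else covers = (dir == mp || index(dir, mp "/") == 1)
            if (covers && length(mp) >= best) {
                best = length(mp); hit = $1 " " mp " " $3
            }
        }
        END { if (hit != "") print hit }
    ' "${2:-/proc/mounts}"
}

# ram  = tmpfs/ramfs (stays in memory only while no swap is active)
# dm   = device-mapper volume (dm-crypt or plain LVM; confirm with lsblk)
# disk = written to an ordinary block device
classify() {
    set -- $(backing_mount "$1" "$2")
    case "$3" in
        tmpfs|ramfs) echo ram ;;
        *) case "$1" in
               /dev/mapper/*|/dev/dm-*) echo dm ;;
               *) echo disk ;;
           esac ;;
    esac
}

# Directories audited here are assumptions; the question names only /tmp.
report() {
    echo "swap: $(swap_devices | tr '\n' ' ')"
    for d in /tmp /var/tmp "$HOME/.cache"; do
        echo "$d: $(classify "$d") [$(backing_mount "$d")]"
    done
}

if [ "${1:-}" = "--report" ]; then report; fi
```

Run the script with `--report` to print the result for the running system; any directory reported as `disk` is written to an ordinary block device.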