I feel like I'm stating the obvious so perhaps I'm missing something, but FDE only protects anything when a computer is off or a volume is otherwise not mounted.
Eg. your average shoulder surfing/xscreensaver unlock bypassing jerk, hacker or piece of malware isn't going to bother checking if an already mounted filesystem happens to be on an encrypted block device and voluntarily decide not to copy all your private keyfiles.
Eg. your average shoulder surfing/xscreensaver unlock bypassing jerk, hacker or piece of malware isn't going to bother checking if an already mounted filesystem happens to be on an encrypted block device and voluntarily decide not to copy all your private keyfiles.