If you cannot be surprised while the drive is mounted, and cannot be compelled to mount it (maybe just by booting the machine) then there is no known specific additional risk to running FDE.
Note that "surprised" might include a networked attack, in addition to being tackled in a coffee shop.
File-level encryption protects your data until you reach the court order level of compulsion, and possibly further. At least in civilized countries.
So, given those caveats, I'd say your answer is "yes", but...the best plan is to do both. FDE as a matter of policy, and file-level on any files of specific value.
Thanks again. Can you please clarify what is meant by networked attack in this context? Someone gaining access to the mounted drive over a network, or something else?
Sure. If your FDE disk is mounted and your machine is susceptible to any kind of remote exploit (OpenSSL, Adobe flash, weak ssh password, etc) then the attacker has full reign over your disk when they arrive.
File-level encryption constrains them to just the files you have open at the time, although of course any breach might be persistent, so they could theoretically wait around until supersecret.txt gets opened and grab it then.
Note that "surprised" might include a networked attack, in addition to being tackled in a coffee shop.
File-level encryption protects your data until you reach the court order level of compulsion, and possibly further. At least in civilized countries.
So, given those caveats, I'd say your answer is "yes", but...the best plan is to do both. FDE as a matter of policy, and file-level on any files of specific value.