On Wed, Apr 19, 2023 at 08:55:25AM +0200, Nicolas George wrote:
> to...@tuxteam.de (12023-04-19):
> > What I didn't like from the post [...]
>
> I am not that surprised to find this level of argumentation in a text
> that announces its unbalanced conclusion in the title [...]

I wouldn't be so harsh, but yes, one gets the impression that the author
wants to reach that conclusion. I'd agree with them on not choosing that
option by default, though.

[...]

> Another minor difference that can be a minor upside or downside
> depending on the use case: with a tmpfs, the files disappear when the
> computer is turned off, with a real filesystem they disappear when it is
> turned on.

Definitely. If you care about minimising data leak opportunities, keeping
/tmp in an encrypted partition seems mandatory.

> (I do not know if Debian has provisions to format a /tmp partition with
> an ephemeral encryption key on boot, like it has for the swap.)

This would be a nice thing, yes (but we know that /tmp is, by default,
on the root partition).

One case where tmpfs for /tmp makes a ton of sense is when you want to
have most things read only (or read mostly), because your devices die
from too many writes (the Raspi/SD pattern, for example -- note that I
wrote SD, not SSD: no monster thread on that, please ;-)

Cheers
--
t