On Sun, Jun 10, 2012 at 12:20:32PM +0200, Wouter Verhelst wrote:
> When /tmp is in a tmpfs, it's easy to connect the dots if it's empty on
> the next boot, and even easy to understand that restoring there (and
> then rebooting) isn't going to be very helpful.

I don’t think the standard user will realize the difference between disk /tmp cleaned at reboot and a RAM disk.

> Also, the symlink attack thing isn't just something I made up;
> tmpreaper's README.Debian actually warns about that.

True, but tmpreaper is not needed for systems with frequent reboots. /tmp on disk is cleaned according to the setting of TMPTIME. You need tmpreaper to clean /tmp on systems which rarely reboot. And then you have the same problem with tmpfs.

        Stephan

--
| Stephan Seitz          E-Mail: s...@fsing.rootsland.net |
| Public Keys: http://fsing.rootsland.net/~stse/keys.html |
