Fedora Core 15: /dev/mapper/vg_youwish-lv_swap swap swap defaults 0 0 tmpfs /tmp tmpfs defaults 0 0
Removed other options it should have, but defaults do not include nosuid,nodev,noexec. On 4/12/12, Mark Krenz <m...@suso.com> wrote: > > Hello. After posting the flaw with libvte's handling of the scrollback > buffer (writing it to disk), there were several people who made the > erroneous claim that most distributions of Linux use tmpfs now and > encrypt swap and that this shouldn't be an issue. > > Because these claims attempted to diminish the importance of the flaw > for many, I installed most of the popular distributions of Linux as well > as some of the BSDs for comparison to see what their default setup was > after installation. I have found that of the 35+ distribution versions > that I tested, only the latest Arch Linux puts /tmp on tmpfs by default > and the only other distributions that show it as an option during > installation are Mageia or PC Linux OS. So the libvte flaw indeed is a > widespread problem. > > I've documented the results at: > > http://www.climagic.org/bugreports/libvte-flaw-distro-defaults-chart.html > > > You can view the libvte bug report here: > > http://climagic.org/bugreports/libvte-scrollback-written-to-disk.html > > > Extra Note: I'm not suggesting that everyone put their /tmp on tmpfs > and/or start using encrypted filesystem. There are other considerations > which I talk about in the document above. > > > -- > Mark S. Krenz > IT Director > Suso Technology Services, Inc. > > Sent from Mutt using Linux > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/