On Fri, Jul 2, 2010 at 9:22 AM, Ansgar Burchardt <ans...@43-1.org> wrote:
> Hi,
>
> Dustin Kirkland <kirkl...@canonical.com> writes:
>
>> However, it's worth mentioning that /tmp is wiped on every boot in
>> Ubuntu. For this reason, I usually put my /tmp in a tmpfs in memory
>> (on systems where I have a few GB of memory). Add this line to your
>> /etc/fstab:
>> tmpfs /tmp tmpfs rw
>>
>> This ensures that the data written to /tmp is never actually written
>> to disk. I think this is an excellent best-practice for the security
>> conscious.
>
> This is not always true. Contents of a tmpfs can be swapped to disk[1]
> and you might thus leak information when you rely on the fact that
> contents of a tmpfs will never be written to permanent storage.

If you set up your encrypted home in the default manner, you
automatically have encrypted swap.

$ cat /proc/swaps

Dustin
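
The check that `cat /proc/swaps` leads to, as an added example that is not part of the original thread: a shell function that reads /proc/swaps and reports, per swap area, whether it sits on a dm-crypt mapping. The function name check_swaps and the reliance on a device-mapper UUID beginning with CRYPT- are assumptions of this example.

```shell
#!/bin/sh
# Added example: classify each active swap area as dm-crypt backed or not.
# Usage: check_swaps [swaps-file] [sysfs-root]; defaults are the live system.
# Prints "<device> <verdict>" per swap area; returns 1 if any is not encrypted.
check_swaps() {
    swaps=${1:-/proc/swaps}
    sysfs=${2:-/sys}
    rc=0
    # /proc/swaps columns: Filename Type Size Used Priority (first line is a header)
    while read -r dev type _rest; do
        [ "$dev" = "Filename" ] && continue
        [ -z "$dev" ] && continue
        if [ "$type" != "partition" ]; then
            # A swap file is only as protected as the filesystem it lives on,
            # which this check cannot see; flag it for manual review.
            echo "$dev unknown-$type"
            rc=1
            continue
        fi
        # /dev/mapper/<name> is a symlink to /dev/dm-N; sysfs is keyed by dm-N.
        real=$dev
        [ -e "$dev" ] && real=$(readlink -f "$dev")
        uuid_file="$sysfs/block/$(basename "$real")/dm/uuid"
        # Assumption: cryptsetup-created mappings carry a DM UUID starting "CRYPT-".
        if [ -r "$uuid_file" ] && grep -q '^CRYPT-' "$uuid_file"; then
            echo "$dev encrypted"
        else
            echo "$dev plaintext"
            rc=1
        fi
    done < "$swaps"
    return $rc
}
```

Any swap area reported as plaintext is a place where tmpfs pages from /tmp can end up on permanent storage.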