/tmp on tmpfs (was: Re: Summary/Minutes for today's FESCo meeting (2012-04-02))

Stephen John Smoogen smooge at gmail.com
Mon Apr 2 21:21:03 UTC 2012


On 2 April 2012 14:55, Steve Grubb <sgrubb at redhat.com> wrote:
> On Monday, April 02, 2012 03:58:12 PM Richard W.M. Jones wrote:
>> > * #834 F18 Feature: /tmp on tmpfs -
>> >
>> >   http://fedoraproject.org/wiki/Features/tmp-on-tmpfs  (mitr, 17:40:06)
>> >   * AGREED: tmp-on-tmpfs is accepted (+5 -3)  (mitr, 18:12:52)
>>
>> Actually I think this is a good feature, but ...
>
> What about forensics? Any reboot erases information that might have been needed
> to see what happened during a break-in.

I would guess it is a tossup, depending on the security plan. Systems
may want stuff in tmpfs to not allow for stuff to be around for a
reboot (in the case where physical access after a reboot could
compromise tokens and such). Other security plans required tmpfs to be
turned off for forensics.

Many of the break-in kits though use /dev/shm already so they aren't
going to be around after a reboot.

I would expect that any turn-on/turn-off of tmpfs would need to be
configurable so that users who needed one or the other could get it.


-- 
Stephen J Smoogen.
"The core skill of innovators is error recovery, not failure avoidance."
Randy Nelson, President of Pixar University.
"Years ago my mother used to say to me,... Elwood, you must be oh
so smart or oh so pleasant. Well, for years I was smart. I
recommend pleasant. You may quote me."  —James Stewart as Elwood P. Dowd
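
The point raised in this exchange, that the same /tmp layout is a wipe-on-reboot property for one security plan and an evidence-loss problem for another, comes down to one question a responder has to answer before touching the power switch: is /tmp a tmpfs mount on this box or not? The script below is an added example, not code from the thread or from the Fedora feature page. It resolves the filesystem type behind a path from a mount table in /proc/mounts format (longest-prefix match, later entries shadowing earlier ones, as the kernel does) and turns that into a one-line volatility verdict. The two mount tables are constructed sample input so it runs offline; on a live system you would feed it `cat /proc/mounts` instead.

```shell
#!/bin/sh
# Added example (not from the mailing-list thread): report whether /tmp is
# volatile (tmpfs) or persistent on a given mount layout, so a forensics
# playbook or a hardening check can branch on it before any reboot.

# Constructed sample mount tables in /proc/mounts format (device, mount point,
# fstype, options, dump, pass). One has the F18-style tmpfs /tmp, one does not.
SAMPLE_MOUNTS_TMPFS='/dev/sda1 / ext4 rw,relatime 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,relatime 0 0'

SAMPLE_MOUNTS_DISK='/dev/sda1 / ext4 rw,relatime 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0'

# fs_type_of PATH TABLE: print the filesystem type that backs PATH.
# The mount whose mount point is the longest ancestor of PATH (or PATH
# itself) wins; on ties the later table entry wins, matching how a later
# mount over the same path shadows an earlier one.
fs_type_of() {
    path=$1
    table=$2
    printf '%s\n' "$table" | awk -v mp="$path" '
        {
            p = $2                       # field 2: mount point, field 3: fstype
            if (p == mp || p == "/" || index(mp, p "/") == 1) {
                if (length(p) >= best_len) { best_len = length(p); best = $3 }
            }
        }
        END { print best }'
}

# is_tmp_on_tmpfs TABLE: succeed when /tmp is backed by tmpfs.
is_tmp_on_tmpfs() {
    [ "$(fs_type_of /tmp "$1")" = tmpfs ]
}

# reboot_risk TABLE: one line a responder can act on, saying whether anything
# an intruder (or a legitimate process) left under /tmp survives a reboot.
reboot_risk() {
    if is_tmp_on_tmpfs "$1"; then
        echo "volatile: /tmp is tmpfs, its contents vanish on reboot; copy or image it first"
    else
        echo "persistent: /tmp is on disk ($(fs_type_of /tmp "$1")) and survives a reboot"
    fi
}

# Stand-alone demonstration on the constructed tables.
echo "layout A: $(reboot_risk "$SAMPLE_MOUNTS_TMPFS")"
echo "layout B: $(reboot_risk "$SAMPLE_MOUNTS_DISK")"
```

Note that /dev/shm is tmpfs in both sample layouts, which is the point Stephen makes about break-in kits that already live there: moving /tmp to tmpfs does not change the volatility of that location at all. The configurability he asks for is what the feature eventually shipped as: /tmp on tmpfs is provided by systemd's `tmp.mount` unit, so an administrator who needs a persistent /tmp for forensics masks that unit, and one who wants the wipe-on-reboot behaviour leaves it enabled.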

