noexec on /dev/shm

Tomasz Torcz tomek at pipebreaker.pl
Wed Jan 19 19:24:50 UTC 2011


On Wed, Jan 19, 2011 at 01:11:08PM -0600, Callum Lerwick wrote:
> On Thu, Dec 23, 2010 at 11:26 AM, drago01 <drago01 at gmail.com> wrote:
> > Well /tmp should be mounted tmpfs anyway (I have been doing this for
> > years and it is working just fine).
> > tmp isn't a persistent storage so it makes a lot of sense, and it is
> > *not* a dumping ground for giant files (apps that try to do that are
> > just broken).
> 
> Unfortunately firefox is one of those apps. I experimented with tmpfs
> /tmp a while back, and ran into very much badness. /tmp rapidly gets
> all full of large PDFs I've clicked on, as well as the flash plugin
> seems to like to spool video it's streaming in /tmp.
> 
> In fact on my servers I symlink /tmp to /home/tmp, as I like to keep
> root as small as possible and maximize /home. And no, a dedicated /tmp
> filesystem is silly, why would I want to dedicate a fixed slice of
> disk space to /tmp that isn't going to be used 99% of the time, and
> will inevitably turn out to be not big enough 1% of the time?


  You can add a cherry on top of your /home/tmp solution using
per-user /tmp:
http://fedoraproject.org/wiki/Infrastructure/FedoraPeopleConfig#polyinstantiated_tempdirs

Which is a very cool solution, although orthogonal to the problem
described ;)

-- 
Tomasz Torcz            There exists no separation between gods and men:
xmpp: zdzichubg at chrome.pl   one blends softly casual into the other.


