/tmp on tmpfs (was: Re: Summary/Minutes for today's FESCo meeting (2012-04-02))
M A Young
m.a.young at durham.ac.uk
Mon Apr 2 21:30:24 UTC 2012
On Mon, 2 Apr 2012, Lennart Poettering wrote:
> On Mon, 02.04.12 16:55, Steve Grubb (sgrubb at redhat.com) wrote:
>>
>> What about forensics? Any reboot erases information that might have been needed
>> to see what happened during a break in.
>
> /tmp is already volatile and cleaned up in regular intervals. The new
> clean-up on boot is just one tiny bit of additional clean-up.
there is a big difference however with files in /tmp being around for 30
days, and the files being cleaned on a reboot, which might be necessary to
get the system in a reliable enough state to do any forensics.
This also means a big change in user experience as many will be expecting
things in /tmp to remain there for a while before being deleted even if
the system is restarted or crashes.
Michael Young
More information about the devel
mailing list