On Sun, Jun 10, 2012 at 12:20:32PM +0200, Wouter Verhelst wrote:
> When /tmp is in a tmpfs, it's easy to connect the dots if it's empty on the next boot, and even easy to understand that restoring there (and then rebooting) isn't going to be very helpful.
I don’t think the standard user will realize the difference between disk /tmp cleaned at reboot and a RAM disk.
> Also, the symlink attack thing isn't just something I made up; tmpreaper's README.Debian actually warns about that.
True, but tmpreaper is not needed for systems with frequent reboots. /tmp on disk is cleaned according to the setting of TMPTIME. You need tmpreaper to clean /tmp on systems which rarely reboot. And then you have the same problem with tmpfs.
Stephan

-- 
| Stephan Seitz E-Mail: firstname.lastname@example.org |
| Public Keys: http://fsing.rootsland.net/~stse/keys.html |