On Wed, 24 May 2017 12:30:36 -0700 Rich Freeman wrote:
> On Wed, May 24, 2017 at 11:34 AM, Ian Zimmerman <i...@primate.net> wrote:
> > On 2017-05-24 08:00, Kai Krakow wrote:
> >
> >> Unix semantics suggest that /tmp is not expected to survive reboots
> >> anyways (in contrast, /var/tmp is expected to survive reboots), so
> >> tmpfs is a logical consequence to use for /tmp.
> > 
> > /tmp is wiped by the bootmisc init job anyway.
> >
> 
> In general I haven't found anything that is bothered by /var/tmp being
> lost on reboot, but obviously that is something you need to be
> prepared for if you put it on tmpfs.
> 
> One thing that wasn't mentioned is that having /tmp in tmpfs might
> also have security benefits depending on what is stored there, since
> it won't be written to disk.  If you have a filesystem on tmpfs and
> your swap is encrypted (which you should consider setting up since it
> is essentially "free") then /tmp also becomes a useful dumping ground
> for stuff that is decrypted for temporary processing.  For example, if
> you keep your passwords in a gpg-encrypted file you could copy it to
> /tmp, decrypt it there, do what you need to, and then delete it.  That
> wouldn't leave any recoverable traces of the file.
> 
> There are lots of guides about encrypted swap.  It is the sort of
> thing that is convenient to set up since there is no value in
> preserving a swap file across reboots, so you can just generate a
> random key on each boot.  I suspect that would break down if you're
> using hibernation / suspend to disk.

It is easy to use both encrypted swap and an encrypted hibernation
image (I do this on my laptop). Just before the s2disk call, disable
swap completely, then create an empty unencrypted swap and run s2disk
(swappiness may be disabled to protect from accidental writes of
unencrypted data before fresh swap creation and the s2disk call).

Afterwards s2disk may be used to create an encrypted memory image and
store it in the swap partition. On resume, just reverse the actions.

Apparently it is pointless to encrypt swap if an unencrypted
hibernation image is used, because all memory is accessible through
that image (and even if it is deleted later, it can be restored
from an HDD and in some cases from an SSD).

Best regards,
Andrew Savchenko
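
The sequence described in the message above, sketched as a shell script. This is an added example, not part of the original thread or the poster's own setup. It assumes a placeholder swap partition `/dev/sdXN`, a hypothetical dm-crypt mapping name `cryptswap`, that s2disk is already configured to encrypt its image, and that the plain swap area has to be active before s2disk runs.

```shell
#!/bin/sh
# Added example, not from the thread. Assumptions: SWAP_DEV is a placeholder
# path, MAP_NAME is a hypothetical mapping name, s2disk already encrypts its
# image, and the plain swap area must be active before s2disk is called.
# DRY_RUN=1 (default) only prints the commands; DRY_RUN=0 runs them (root).
SWAP_DEV="${SWAP_DEV:-/dev/sdXN}"
MAP_NAME="${MAP_NAME:-cryptswap}"
DRY_RUN="${DRY_RUN:-1}"

run() {
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

# Before hibernation: drop the randomly keyed swap, then give s2disk a
# freshly created, empty, unencrypted swap area to hold its encrypted image.
pre_hibernate() {
    run sysctl -w vm.swappiness=0 &&
    run swapoff "/dev/mapper/$MAP_NAME" &&
    run cryptsetup close "$MAP_NAME" &&
    run mkswap "$SWAP_DEV" &&
    run swapon "$SWAP_DEV"
}

# After resume: reverse the steps and re-key the swap from /dev/urandom.
post_resume() {
    run swapoff "$SWAP_DEV" &&
    run cryptsetup open --type plain --cipher aes-xts-plain64 --key-size 256 \
        --key-file /dev/urandom "$SWAP_DEV" "$MAP_NAME" &&
    run mkswap "/dev/mapper/$MAP_NAME" &&
    run swapon "/dev/mapper/$MAP_NAME" &&
    run sysctl -w "vm.swappiness=$OLD_SWAPPINESS"
}

hibernate_cycle() {
    OLD_SWAPPINESS=$(cat /proc/sys/vm/swappiness 2>/dev/null || echo 60)
    # Stop if the encrypted swap cannot be emptied (for example, not enough
    # free RAM for swapoff); nothing has been replaced at that point.
    pre_hibernate || return 1
    run s2disk
    rc=$?
    # Execution continues here after resume, or right away if s2disk failed;
    # in both cases the plain swap must be replaced by an encrypted one.
    post_resume || return 1
    return "$rc"
}
```

Calling `hibernate_cycle` with the default `DRY_RUN=1` prints the eleven commands in order without touching the system.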
