As nice as tmpfs is the risk is not worth it unfortunately. I can't have any decrypted data wriiten to physical disk.
Regards ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Zavodsky, Daniel (GE Money) Sent: 12 March 2008 10:55 To: Red Hat Enterprise Linux 5 (Tikanga) discussion mailing-list Subject: RE: [rhelv5-list] ramdisk vs tmpfs in terms of security I meant that even a full tmpfs may be swapped out if you are not accessing the files and other programs need the memory. However, if you create some files there, do operations on them and then immediately delete them, a swap out should not occur at the time you are using the tmpfs. Best regards, Daniel ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gerrard Geldenhuis Sent: Wednesday, March 12, 2008 11:35 AM To: Red Hat Enterprise Linux 5 (Tikanga) discussion mailing-list Subject: RE: [rhelv5-list] ramdisk vs tmpfs in terms of security That is a good point. However if there are no files on the tmpfs partition at the time of swap out, then this should not be a problem I believe. Regards ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Zavodsky, Daniel (GE Money) Sent: 12 March 2008 10:08 To: Red Hat Enterprise Linux 5 (Tikanga) discussion mailing-list Subject: RE: [rhelv5-list] ramdisk vs tmpfs in terms of security Hello, Be careful, tmpfs *may* be swapped out at a later time if you are not using it actively and other programs need the memory. Thus, always use encrypted swap if you want to be on the safe side. Best regards, Daniel ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gerrard Geldenhuis Sent: Wednesday, March 12, 2008 10:58 AM To: Red Hat Enterprise Linux 5 (Tikanga) discussion mailing-list Subject: [rhelv5-list] ramdisk vs tmpfs in terms of security Hi Can anyone comment of the security concerns of tmpfs vs ramdisk if used as scratch space to decrypt/encrypt data? According to my understanding tmpfs should be just as safe as ramdisk as long as you limit the size to be smaller than the actual memory available. My only concern is what would happen if your memory is full and you then mount a new tmpfs. Will it be written to disk in swap space, that at least is what I understand would happen, which would not be great. But if you assign the tmpfs at boot time then there should not be any problem unless you grow beyond the intial size. Regards
_______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list
