
Against /tmp

(dotat.at)
257 points todsacerdoti | 1 comments
Aardwolf No.41913873
I like /tmp in RAM myself, it's truly temporary that way

EDIT: I do this more for avoiding certain disk reads/writes than security actually

nullindividual No.41913905
You'd need to pin pages in physical memory to guarantee it stays in physical memory. What happens if an 'attacker' (or accidental user) exceeds available physical memory? OOM Kill other applications? Just don't accept temp data, leading to failures in operations requested by the user or system?

Pages in physical memory are not typically zero'ed out upon disuse. Yes, they're temporary... but only guaranteed temporary if you turn the system off and the DRAM cells bleed out their voltage.

1. akira2501 No.41918431
> exceeds available physical memory?

shm and memory mounts use half the available system memory by default, so this is not typically possible.

> are not typically zero'ed out upon disuse

They're zeroed when they're reallocated.

> and the DRAM cells bleed out their voltage.

This occurs in less than a second in almost every room temperature environment.
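
As an added example (not part of any comment in this thread), a small Python audit of the tmpfs size caps discussed above: it reads /proc/mounts-format text, applies the kernel default of half of RAM when a mount has no `size=` option, and sums the caps, which apply per mount. The sample mounts and the 16 GiB memory figure are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample in /proc/mounts format (not taken from the thread).
SAMPLE_MOUNTS = """\
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0
tmpfs /run tmpfs rw,nosuid,nodev,size=1638400k,mode=755 0 0
tmpfs /scratch tmpfs rw,size=0k 0 0
/dev/sda1 / ext4 rw,relatime 0 0
"""
SAMPLE_MEMTOTAL_KIB = 16 * 1024 * 1024  # constructed: a 16 GiB host

UNITS_KIB = {"k": 1, "m": 1024, "g": 1024 ** 2}

def size_cap_kib(options, memtotal_kib):
    """Return the tmpfs size cap in KiB, or None when size=0 (no limit)."""
    for opt in options.split(","):
        m = re.fullmatch(r"size=(\d+)([kmg%]?)", opt, re.IGNORECASE)
        if not m:
            continue
        value, unit = int(m.group(1)), m.group(2).lower()
        if value == 0:
            return None                      # size=0 disables the limit
        if unit == "%":
            return memtotal_kib * value // 100
        if unit == "":
            return value // 1024             # bare number is bytes
        return value * UNITS_KIB[unit]
    return memtotal_kib // 2                 # no size= option: half of RAM

def audit_tmpfs(mounts_text, memtotal_kib):
    """Return (caps per mount point, sum of finite caps, overcommit flag)."""
    caps = {}
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) >= 4 and fields[2] == "tmpfs":
            caps[fields[1]] = size_cap_kib(fields[3], memtotal_kib)
    unlimited = [mp for mp, cap in caps.items() if cap is None]
    total = sum(cap for cap in caps.values() if cap is not None)
    # The caps are per mount, so together they can exceed physical memory.
    return caps, total, bool(unlimited) or total > memtotal_kib

if __name__ == "__main__":
    caps, total, over = audit_tmpfs(SAMPLE_MOUNTS, SAMPLE_MEMTOTAL_KIB)
    for mp, cap in caps.items():
        label = "unlimited" if cap is None else f"{cap} KiB"
        print(f"{mp:10} {label}")
    print(f"sum of finite caps: {total} KiB, overcommitted: {over}")
```

On a live system, pass the contents of `/proc/mounts` and the `MemTotal` value from `/proc/meminfo` instead of the constructed sample.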