![]() Or you can create individual filesystems for each user. to be ready for mounting by a next user, previous user should unmount this filesystem. Which is cool.Īlso, this filesystem can be mounted by several users independently, but not at the same time, i.e. Once he/she unmounts it, or system gets rebooted, this RAM-based filesystem will vanish with all its data. Once some user mounts this, new ramfs filesystem is created and mounted at /mnt/ramfs/. When this is done, any user will be able to mount this on demand. mode is very important, with the octal code 1777 any user is allowed to create files and directories, but only owners of those files and directories will be able to access them (you may use different code of your choice as well, but be very sure about it!).It has no effect though, as the ramdisk will grow as needed. size sets this "ramdisk's" size (you can use M and G here).user makes this mountable by regular users.noauto option prevents this from being mounted automatically (e.g./mnt/ramfs is a mount point, where the ramfs filesystem will be mounted.The line in fstab may look like this: none /mnt/ramfs ramfs noauto,user,size=1024M,mode=1777 0 0 Ask the administrator of your system to set this up for you, if you lack root privileges.Īt first, you need to add a line to the /etc/fstab. ![]() To do this, you will need root privilege, once. You can prepare ramfs mount so any non-privileged user can mount/unmount it on-demand. Third parties who later gain root or physical access to the machine then can inspect the swap space and extract sensitive data. Ramfs is better than tmpfs when data needs to be secret, since ramfs data never gets swapped (saved to a physical storage drive), while tmpfs may get swapped. You may want to use ramfs if you plan to use RAM-backed space to temporary store sensitive data, such as private keys, Bitcoin or Ethereum wallets and such. There is a better, guaranteed ephemeral, standard alternative - ramfs. on systems with active swap! Chances are very high your computer has it enabled.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |