Comments (5)
If you set the correct permissions on /tmp/something , then it shouldn't be any different from other locations on your file system. There is no reason to colocate it with the basedir.
from cryfs.
from cryfs.
@smessmer Thanks for your response, and apologies for the delay in mine.
Thanks for that suggestion, I'll use rmdir instead from now on.
Is it safe to mount to /tmp/?
As I'm not a developer I wouldn't know how to conduct a PR so I can't be of help in that regard. I'll close this issue if that's okay.
from cryfs.
Is it safe to mount to /tmp/?
The /tmp
directory is often world-read/writeable, so any other program on your computer can read and write to it and expects to be able to do so or may crash. By default, CryFS only allows access to the user who actually mounted it so if you actually want other users or processes to access it (which for /tmp sounds like you may want to), you could look at the -o allow_root -o allow_other
command line parameters. There's also the question whether other programs can handle you mounting or unmounting the file system after they're already running and have written things to it, you may want to make sure it gets mounted at system startup and stays mounted until shutdown.
Or did you mean mounting to /tmp/something and not to /tmp itself? I don't see any issues with that
from cryfs.
@smessmer The reason I asked was because I figured /tmp/ was appropriate to mount temporary files/filesystems because when it's unmounted and the system restarts, the contents get flushed, which is convenient. I don't have any other users on my system and I don't plan to. I also have a high security requirement, so from what I gather it sounds like mounting to /tmp/ is not a good idea. However, you have said /tmp/something is different; does this mean /tmp/ can be read by any program, while /tmp/something cannot? If there's no security/privacy risk doing that, then I suppose I'll do that. The only reason is to have the empty mountpoints disposed of more easily. It just saves me having to do it manually.
For maximum security, does it make more sense to mount on the same disk and directory as the basedir? It seems that way to me. Perhaps it would have lower system overhead as well?
from cryfs.
Related Issues (20)
- Unmount on windows does not work CryFS Version 0.11.3 HOT 1
- Deleting files causes cryfs crash / freeze
- Error 16: Could not write to base directory HOT 2
- Please support conan@2 with homebrew install on Apple Silicon HOT 2
- Cannot encrypt within a mounted directory (aka nested or double encryption) HOT 1
- Are transfer speeds between mounted directories on the same disk throttled by cryfs? HOT 2
- Fails to compile with gcc 13 HOT 8
- Build failure with Python 3.12 HOT 2
- Frequently get - Killed on log in HOT 5
- Block size vs disk type
- Duplicate issue- please delete
- cannot mount due to "size overflow" HOT 3
- Expected performance?
- Input/output error HOT 1
- Data becomes near unrecoverable when cryfs vault has too many / too large files
- HELP WINDOWS VERSION Error: Could not unmount filesystem HOT 3
- Macport install fails HOT 1
- [error] Crashed: This is not a valid block. HOT 1
- FR: concurrent access from multiple machines HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cryfs.