https://bugs.kde.org/show_bug.cgi?id=374937
Elvis Angelaccio <elvis.angelac...@kde.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Severity|normal |wishlist
Status|UNCONFIRMED |CONFIRMED
Ever confirmed|0 |1
--- Comment #3 from Elvis Angelaccio <elvis.angelac...@kde.org> ---
(In reply to Greg from comment #2)
> (In reply to Elvis Angelaccio from comment #1)
> > If you really need this level of protection, I think you should consider
> > mounting your /tmp on a tmpfs, so that nothing is ever written on disk. What
> > do you think?
>
> Thanks, Elvis -- tmpfs is a great tool (which I use), and is typically the
> default these days, but as it is swap-backed it doesn't guarantee the data
> isn't written to disk unless the machine has -no- swap (but of course that
> applies, perhaps to a lesser extent, to the memory pages used by the viewer
> too).
Right, I don't use swap so that didn't cross my mind :p
>
> My reason for this feature request is mainly so Ark's behavior can be
> consistent with the data that it is handling -- if encrypted data is being
> viewed without the user's intention to actually "extract" the data, it makes
> sense to minimize the persistence of the decrypted copy.
Note that if the archive is a zip with pkware encryption, everything is lost
anyway. An attacker who has physical access to the disk can crack that archive
in minutes.
So shreding the temp files would only help with rar or 7z archives with AES
encryption.
Well, patches welcome :)
--
You are receiving this mail because:
You are watching all bug changes.
