Commit bce53092 authored by Tails developers's avatar Tails developers
Browse files

tmpfs does *not* guarantee that things are not written to disk.

It can be swapped out. ramfs does guarantee this IIRC, but it lacks uid=, size=
etc. mount options. Not as if it mattered in this specific case, but I'm not in
the mood to rewrite this bit of doc using ramfs today.
parent c88be13e
......@@ -253,8 +253,8 @@ Import the signing key
======================
You should never import the Tails signing key into your own keyring,
and a good practice is to import it to a tmpfs so no key material is
written to disk:
and a good practice is to import it to a tmpfs to limit the risks that
the private key material is written to disk:
export GNUPGHOME=$(mktemp -d)
sudo mount -t tmpfs tmpfs "$GNUPGHOME"
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment