kde's caches and encrypted homes
yofel at gmx.net
Sun Nov 11 20:20:46 UTC 2012
On 11/11/2012 03:03 PM, Harald Sitter wrote:
> tldr: kde software by default caches stuff in /var which is not covered
> by home encryption
> Scott's take on this is that if this concerns a user they should be
> using full disk encryption as this can happen with many applications,
> not just KDE software.
> While I agree with the general statement I do not think encrypting the
> entire disk is a viable solution what with having quite the impact on
> performance. At the same time looking at this form a performance POV,
> the reason caches are in /var is because they potentially change a lot
> and the less ever-changing stuff I have encrypted the better.
> Yet the issue highlighted is a real one and needs some solution, be it
> to document possible workarounds or fiddle with the home encryption
> magic to force kde's caches into $HOME.
You could set KDEVARTMP if encryption is used (not sure how to reliably
auto-detect that, but maybe it would be sufficient for ubiquity to
enable that). But the same then goes for KDETMP as well as /tmp is
neither encrypted nor a tmpfs by default.
From a performance point I don't think it would matter that much. Maybe
login would get a second slower or so while it decrypts the cached stuff.
More information about the kubuntu-devel