kde's caches and encrypted homes

Philip Muskovac yofel at gmx.net
Sun Nov 11 20:20:46 UTC 2012


On 11/11/2012 03:03 PM, Harald Sitter wrote:
> https://bugs.launchpad.net/ubuntu/+source/kde4libs/+bug/786150
>
> tldr: kde software by default caches stuff in /var which is not covered
> by home encryption
>
> Scott's take on this is that if this concerns a user they should be
> using full disk encryption as this can happen with many applications,
> not just KDE software.
>
> While I agree with the general statement I do not think encrypting the
> entire disk is a viable solution what with having quite the impact on
> performance. At the same time looking at this form a performance POV,
> the reason caches are in /var is because they potentially change a lot
> and the less ever-changing stuff I have encrypted the better.
>
> Yet the issue highlighted is a real one and needs some solution, be it
> to document possible workarounds or fiddle with the home encryption
> magic to force kde's caches into $HOME.
>
> Thoughts?

You could set KDEVARTMP if encryption is used (not sure how to reliably 
auto-detect that, but maybe it would be sufficient for ubiquity to 
enable that). But the same then goes for KDETMP as well as /tmp is 
neither encrypted nor a tmpfs by default.

 From a performance point I don't think it would matter that much. Maybe 
login would get a second slower or so while it decrypts the cached stuff.



More information about the kubuntu-devel mailing list