Mounting thumbnails to tmpfs

selected · April 22, 2024, 2:47am

Thumbnails are turned off by default in Workstation. Would it be a good idea to mount all thumbnails to a tmpfs directory stored in RAM? Thumbnails rarely add up in significant size - I’ve generated up to 10,000 before and it barely took 1 GB. Would an entry in fstab like the following be ideal, or are there security risks in doing so?:

none /home/[username]/.thumbnails tmpfs rw,noexec,nosuid,size=20%,uid=1000,gid=1000,mode=0755 0 0
none /home/[username]/.cache/thumbnails tmpfs rw,noexec,nosuid,size=20%,uid=1000,gid=1000,mode=0755 0 0

extraextra · April 22, 2024, 8:03am

That’s for security reasons. Less attack surface. It’s not for the purpose of saving disk space.

selected · April 22, 2024, 11:28pm

I’m not concerned about saving space. I’m asking for the sake of the convenience of thumbnails. Would having thumbnails mounted to a tmpfs directory give less attack surface than having them normally, or does it make no difference?

extraextra · April 23, 2024, 2:01am

No difference.

The code that parses the thumbnails (file manager) is already running. If it can be exploited by crafted images then it turns malicious. So noexec and tmpfs likely aren’t helpful.