Email stored in a library located on encrypted storage is copied to unencrypted storage (/private/var/tmp/…) when “Reveal in Finder” is selected.
Would it be possible to create the temporary directory in the library itself?
In the meantime I’ll use Disk Utilities “Erase Free Space” to mitigate the risk, although it is highly doubtful whether it erases data traces left in slack space.
Thank a lot
Hinnerk
I will look into that, however I’m not sure it’s the right solution. Even if EagleFiler put its temporary storage there, there’s no way it can guarantee that the OS services it uses store their temporary files there, too. You might want to look into using FileVault, which I think moves the OS’s temporary files folder into encrypted storage.
You’re of course right.
Since FileVault does (as far as I know) not encrypt /tmp and /var the most appealing solution may be to put the whole OS in a virtual machine and let the host operating system do the encryption.
As all this has absolutly nothing to do with EF, please postpone/forget my request.
Thank you for your really fast and informative answer!
Hinnerk
I haven’t been able to confirm this, but I think that FileVault changes the temp folder to a folder inside the (encrypted) home folder. I guess if a tool is hard-coded to use /tmp it probably wouldn’t work as you want, but if it asks the OS for the temporary folder it should use the encrypted location.
As part of EagleFiler 1.2’s support for encrypted libraries, all temporary files (that EagleFiler creates) are now stored inside the library itself.