As I delve my interest more and more into IT Security, I had to invent a ridiculous scenario for myself: If I ever run out of Live USBs and the only machine available comes from an untrustworthy acquintance, how could I carry on with a (very) urgent critical operation without giving up any details to their host machine and most importantly, without wasting ANY time?
Thanks to Flatpak, this idea is not hard to execute. At all.
Saddly I don't have enough time to explain myself, but taking advantage of Flatpak sandbox and permissions system, one can also make ALL relevant directories underneath work with a volatile filesystem!
- LibreWolf from Flathub
- Create
/mnt/librewolf-downloads
if you plan on using a volatile downloads folder too - Systemd (in case you have swap and/or hibernate activated)
Put sloppywolf.sh
under /usr/local/bin
and make it executable. This is the main script. It mounts/unmounts the ramfs accordingly.
Put sloppywolf-handler.sh
under /lib/systemd/system-sleep/
and make it executable. This will take care of unmounting everything before hibernating
Put sloppywolf.desktop
under ~/.local/share/applications/
. This will create a desktop launcher for Sloppy and even use its custom icon.
Put sloppywolf.png
under /home/<your-username>/.local/share/icons/hicolor/128x128/apps/
Replace your username where necessary aaaand profit!
*If Flatpak ever becomes widely used, it might be plausible to think my acquintance would have it already installed.
https://ubuntuforums.org/showthread.php?t=2473907&p=14090900#post14090900