Security

As everything else, the choice of the system setup also has security implications, a few of these with respect to RAMDISC systems should be noted here. System security and long term analysis relies on continuous system logs, writes to RAMDISKs are quick, but to an off-site storage media or a slow solid-state disc are delayed, system logs may thus be lost. A possible work around is to carefully select critical and non-critical logs, writing these along with other critical status data to a non-volatile media (e.g. NVRAM). This solution is quite limited as, in general, no large NVRAMs will be available. Alternatively, log-files may be moved off-site to ensure a proper system trace, as access may not be possible after a system failure. When writing logs to a non-volatile media like a flash-card locally one needs to consider the read/write cycle limitations of these devices, as letting syslogd/klogd write at full-speed to a log-file on such a media can render it usless within a few months of operations, making in hardly better than off-site logging.

A clear advantage of RAMDISC based systems is that although the filesystem modifications are volatile as - is the entire system - a 'hack' would be eliminated by the next reboot, giving a safe although invasive possibility to relatively quickly put the system into a sane-state of operations. To enhance this feature, access to the boot-media can be prevented by removing the appropriate kernel module from the kernel and deleting it on the filesystem. In case the boot-media needs to be accessed for updates, the required filesystem/media kernel-modules simply can be uploaded to the target and inserted into the kernel. This strategy makes it very hard for an unauthorized user to access the systems boot-media unnoticed. A reboot puts the system in a sane-state, as noted above - a system can also be configured to boot into a maintenance mode over the network, allowing for an update of the system. These methods are quite easy to implement. For example, such a dual-boot setup RAM-disc or Network, requires no more than a second kernel on the boot-media ( <= 400K) and a boot-selection that is configurable (syslinux, grub, lilo etc.) on the system. RAMDISC based systems can be a security enhancement, if setup is done carefully.