Linux security issues
Paul Koning 1695
pkoning at chipcom.com
Fri Oct 27 07:55:15 PDT 1995
>Actually keeping the pass phrase out of swap space is fairly easy (although
>I havn't looked at the PGP code to see if it actually does this).
>...
>However, the pass phrase is not the only dangerous information.
>...
>N.B. This problem affects all virtual memory operation systems.
Not all of them. In at least one (VMS) you can pin pages in physical
memory,
i.e., prevent them from being written to disk. Actually, any OS that does
I/O
directly to user pages has that capability in the kernel; in the case of VMS
(and possibly others, I don't know) it also exists as a system service that
applications can invoke.
This solves the problem: you can pin a suitable number of pages, and put
your sensitive data buffers there.
paul
More information about the cypherpunks-legacy
mailing list