Re: When scrubbing secrets in memory doesn't work

From: Richard Moore (richat_private)
Date: Mon Nov 18 2002 - 08:36:57 PST

Next message: Arab VieruZ: "XSS bug in phpBB"

Previous message: Aviram Jenik: "TFTPD32 Directory Traversal Vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Nicholas Weaver wrote:
> On Thu, Nov 14, 2002 at 02:44:58AM -0800, Michael Wojcik composed:
> The bigger concern is when the memory is paged to disk, and that
> record may have a much MUCH longer time window.  But scrubbing has no
> real effect on this, this is an effect of VM memory management and
> memory-only pinning.
> 

It's worth noting that on systems such as linux and solaris, it is easy 
to avoid the paging problem by locking the process into memory. This is
accomplished using the system calls mlock(2) and mlockall(2). The former 
is probably more suitable as the latter locks all of pages for the 
process. This is of course outside the scope of the C (or other 
language) definition.

Cheers

Rich.

Next message: Arab VieruZ: "XSS bug in phpBB"
Previous message: Aviram Jenik: "TFTPD32 Directory Traversal Vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Nov 20 2002 - 02:54:14 PST