Peter Gutmann's paper 'Secure Deletion of Data from Magnetic and Solid-State Memory' (http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html) has sections on the recovery and erasure of data stored in RAM. Perhaps you should also disable core dumps with setrlimit? HTH. -Chris Holloway. On Tue, 2001-12-25 at 13:31, Nicholas Brawn wrote: > I have a unix program that reads in an encrypted file, decrypts it and > works on it whilst in memory. What security considerations should I be > aware of? I'm thinking of things like clearing the decrypted buffer > prior to exiting, not storing any of the data in a temporary file, etc. > > Cheers, > Nick > > -- > Real friends help you move bodies. >
This archive was generated by hypermail 2b30 : Wed Jan 16 2002 - 15:37:37 PST