> On Tue, 2001-12-25 at 13:31, Nicholas Brawn wrote: > > I have a unix program that reads in an encrypted file, decrypts it and > > works on it whilst in memory. What security considerations should I be > > aware of? I'm thinking of things like clearing the decrypted buffer > > prior to exiting, not storing any of the data in a temporary file, etc. On UNIX GnuPG (http://www.gnupg.org) can, if installed SUID root, locks memory pages to prevent them from being swapped out to disk. -- http://dmoz.org | Give a man a match, and he'll be warm for a | minute, but light him on fire, and he'll be The world's largest human edited | warm for the rest of his life. edited web directory directory |
This archive was generated by hypermail 2b30 : Wed Jan 16 2002 - 16:35:40 PST