Re: Security of data in memory

From: Pavol Luptak (Pavol.Luptakat_private)
Date: Fri Jan 18 2002 - 08:27:08 PST

    Matthew Cline wrote:
    
    >>On Tue, 2001-12-25 at 13:31, Nicholas Brawn wrote:
    >>
    >>>I have a unix program that reads in an encrypted file, decrypts it and
    >>>works on it whilst in memory. What security considerations should I be
    >>>aware of? I'm thinking of things like clearing the decrypted buffer
    >>>prior to exiting, not storing any of the data in a temporary file, etc.
    >>>
    >
    >On UNIX, GnuPG (http://www.gnupg.org) can, if installed SUID root, lock
    >memory pages to prevent them from being swapped out to disk.
    >
    Or CAP_IPC_LOCK should be enough.
    
    -- 
    _____________________________________________________________________
    [Pavol Luptak, ICZ a.s.] [Pavol.Luptakat_private] [mobil: +420 724 429787]
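
The points raised in this thread (lock the pages that hold the decrypted data so they are not swapped out, and clear the buffer before exit), as an added example that is not part of the original messages and is not GnuPG's code. The `secbuf_*` names are hypothetical, and the plaintext string is constructed sample data.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

struct secbuf { unsigned char *p; size_t len; int locked; };  /* hypothetical helper type */

/* Allocate whole pages and try to pin them in RAM; returns 0, or -1 if allocation fails. */
int secbuf_alloc(struct secbuf *b, size_t want)
{
    long page = sysconf(_SC_PAGESIZE);
    if (page <= 0 || want == 0) return -1;
    b->len = (want + (size_t)page - 1) / (size_t)page * (size_t)page;
    b->p = aligned_alloc((size_t)page, b->len);
    if (b->p == NULL) return -1;
    /* mlock() works up to RLIMIT_MEMLOCK; CAP_IPC_LOCK or root lifts that limit. */
    b->locked = (mlock(b->p, b->len) == 0);   /* failure is recorded, not hidden */
    return 0;
}

/* Zero through a volatile pointer so the compiler cannot discard the stores as dead. */
void secbuf_wipe(struct secbuf *b)
{
    volatile unsigned char *v = b->p;
    for (size_t i = 0; i < b->len; i++) v[i] = 0;
}

/* Wipe while the pages are still locked, then unlock and release them. */
void secbuf_free(struct secbuf *b)
{
    if (b->p == NULL) return;
    secbuf_wipe(b);
    if (b->locked) munlock(b->p, b->len);
    free(b->p);
    b->p = NULL; b->len = 0; b->locked = 0;
}

int main(void)
{
    struct secbuf b;
    if (secbuf_alloc(&b, 100) != 0) return 1;
    if (!b.locked) fputs("warning: mlock failed, pages may be swapped out\n", stderr);
    memcpy(b.p, "constructed plaintext", 22);   /* stands in for the decrypted file */
    secbuf_free(&b);
    return 0;
}
```

Locking covers only this buffer: copies made by stdio buffering, temporary files or core dumps are outside it and need separate handling.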
    


