Matthew Cline wrote: >>On Tue, 2001-12-25 at 13:31, Nicholas Brawn wrote: >> >>>I have a unix program that reads in an encrypted file, decrypts it and >>>works on it whilst in memory. What security considerations should I be >>>aware of? I'm thinking of things like clearing the decrypted buffer >>>prior to exiting, not storing any of the data in a temporary file, etc. >>> > >On UNIX GnuPG (http://www.gnupg.org) can, if installed SUID root, locks >memory pages to prevent them from being swapped out to disk. > Or CAP_IPC_LOCK should be enough. -- _____________________________________________________________________ [Pavol Luptak, ICZ a.s.] [Pavol.Luptakat_private] [mobil: +420 724 429787]
This archive was generated by hypermail 2b30 : Fri Jan 18 2002 - 09:55:34 PST