Re: Security of data in memory
From: John Viega (viega@securesw.com) Date: 12/26/01
- Previous message: Nicholas Brawn: "Security of data in memory"
- In reply to: Nicholas Brawn: "Security of data in memory"
- Next in thread: Kurt Seifried: "Re: Security of data in memory"
Date: Wed, 26 Dec 2001 13:46:09 -0500 From: John Viega <viega@securesw.com> To: Nicholas Brawn <ncb@pobox.com>
Other than what you mentioned, the first thing that comes to mind is
to use mlock() to avoid hitting swap. Semantics as to who can lock
differ between operating systems. On Linux, you need root privs. On
other OSs the user can generally lock a fixed number of pages.
John
On Wed, Dec 26, 2001 at 12:31:16AM +1100, Nicholas Brawn wrote:
> I have a unix program that reads in an encrypted file, decrypts it and
> works on it whilst in memory. What security considerations should I be
> aware of? I'm thinking of things like clearing the decrypted buffer
> prior to exiting, not storing any of the data in a temporary file, etc.
>
> Cheers,
> Nick
>
> --
> Real friends help you move bodies.
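
As an added example (not code from this thread), the two measures discussed above, locking the plaintext buffer with mlock() and clearing it before exit, can be combined in C as follows. The `secbuf` type and the function names are hypothetical; mlock() can fail depending on privileges and locked-memory limits, so the outcome is recorded in `locked` rather than assumed.

```c
#define _DEFAULT_SOURCE            /* for MAP_ANONYMOUS on glibc */
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/mman.h>

typedef struct {
    void  *ptr;     /* page-aligned mapping, NULL when unused */
    size_t len;     /* size rounded up to whole pages */
    int    locked;  /* 1 if mlock() succeeded, 0 if pages may reach swap */
} secbuf;

/* Zero through a volatile pointer so the compiler cannot drop the stores. */
static void secure_wipe(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* Map private pages for the plaintext and try to pin them in RAM.
 * Returns 0 on success, -1 if no memory could be mapped. */
int secbuf_alloc(secbuf *b, size_t want) {
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    b->len = (want + page - 1) / page * page;
    b->locked = 0;
    b->ptr = mmap(NULL, b->len, PROT_READ | PROT_WRITE,
                  MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (b->ptr == MAP_FAILED) { b->ptr = NULL; return -1; }
    if (mlock(b->ptr, b->len) == 0) b->locked = 1;
    else perror("mlock failed, buffer may be swapped out");
    return 0;
}

/* Wipe first, then unlock and unmap, so no plaintext outlives the buffer. */
void secbuf_free(secbuf *b) {
    if (!b->ptr) return;
    secure_wipe(b->ptr, b->len);
    if (b->locked) munlock(b->ptr, b->len);
    munmap(b->ptr, b->len);
    b->ptr = NULL; b->len = 0; b->locked = 0;
}

int main(void) {
    const char sample[] = "constructed plaintext";   /* stands in for decrypted data */
    secbuf b;
    if (secbuf_alloc(&b, sizeof sample) != 0) return 1;
    memcpy(b.ptr, sample, sizeof sample);             /* work on the data in place */
    printf("locked=%d len=%zu\n", b.locked, b.len);
    secbuf_free(&b);
    return 0;
}
```

Using a dedicated mapping rather than malloc() keeps the plaintext on pages that hold nothing else, so the lock and the wipe cover exactly the sensitive data.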