Re: Security of data in memory
From: Matthew Cline (matt@nightrealms.com)Date: 01/17/02
- Previous message: Chris Holloway: "Re: Security of data in memory"
- In reply to: Chris Holloway: "Re: Security of data in memory"
- Next in thread: Pavol Luptak: "Re: Security of data in memory"
- Reply: Pavol Luptak: "Re: Security of data in memory"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Matthew Cline <matt@nightrealms.com> To: secprog@securityfocus.com Date: Wed, 16 Jan 2002 15:44:34 -0800
> On Tue, 2001-12-25 at 13:31, Nicholas Brawn wrote:
> > I have a unix program that reads in an encrypted file, decrypts it and
> > works on it whilst in memory. What security considerations should I be
> > aware of? I'm thinking of things like clearing the decrypted buffer
> > prior to exiting, not storing any of the data in a temporary file, etc.
On UNIX GnuPG (http://www.gnupg.org) can, if installed SUID root, locks
memory pages to prevent them from being swapped out to disk.
-- http://dmoz.org | Give a man a match, and he'll be warm for a | minute, but light him on fire, and he'll be The world's largest human edited | warm for the rest of his life. edited web directory directory |
- Previous message: Chris Holloway: "Re: Security of data in memory"
- In reply to: Chris Holloway: "Re: Security of data in memory"
- Next in thread: Pavol Luptak: "Re: Security of data in memory"
- Reply: Pavol Luptak: "Re: Security of data in memory"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
