mlock() secure text editors?
From: Jason (NOSPAMperlmodules_at_lunkwill.org)
Date: 05/06/03
- Previous message: erik: "Re: Checkpoint SecureClient with 3.2 Gateway"
- Next in thread: all mail refused: "Re: mlock() secure text editors?"
- Reply: all mail refused: "Re: mlock() secure text editors?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 5 May 2003 23:06:12 -0700
Anyone aware of a text editor that can be used to edit files destined
for encryption? That is, something that doesn't dump the plaintext to
disk as backup files, uses mlock() to keep data from being swapped out
and zeros out memory blocks before they're free()'ed.
Ideally, it'd integrate with gpg so that the data gets encrypted
before it ever gets to disk, avoiding the need to overwrite deleted
disk blocks multiple times.
Seems to me that a call to mlockall() inserted at the front of main()
in, say, vi, would go a long way toward that end. Turn off backup
files, and then either pipe output to gpg instead of saving, or save
to a RAM disk. Wiping out free()d pages after vi exits would be
harder - worst case, I could run a memory-eating mlockall() program
that would malloc() and zero all available physical memory then exit.
Thoughts?
-J
- Previous message: erik: "Re: Checkpoint SecureClient with 3.2 Gateway"
- Next in thread: all mail refused: "Re: mlock() secure text editors?"
- Reply: all mail refused: "Re: mlock() secure text editors?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
