On 9/15/06, Stef Bon <[EMAIL PROTECTED]> wrote:
Carlos Martín wrote:

> On 15/09/06, John Lockman <[EMAIL PROTECTED]> wrote:
>>
>> However, this does make it extremely good for storing sensitive data
>> before encryption.
>>
>
>  Not really. tmpfs may be pushed to swap space, where it could be
> recovered if the attacker has enough interest. Try running gnupg
> without suid root. It will warn you that it won't be able to lock the
> memory to RAM, and therefore may be recoverable. This is the same
> thing.
Ok, I see.
But do you know another solution for storing important data which only has
to be there for one session in a temporary filesystem
( = not on harddisk) ?

Stef Bon


The easiest way is to zero your swap space on boot and power off,
there are many different ways to do this, google around. I'm not 100%
sure, but I think you can do a kernel ram disk that resides only in
the ram.
--
http://linuxfromscratch.org/mailman/listinfo/lfs-chat
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page
