sslug-teknik team mailing list archive

Thread
Date

Re: No swap program

To: sslug-teknik@xxxxxxxx
From: donald_j_axel <donax@xxxxxxxxxx>
Date: Mon, 5 Dec 2005 14:12:16 +0100
Delivered-to: mailing list sslug-teknik@xxxxxxxx
Mailing-list: contact sslug-teknik-help@xxxxxxxx; run by ezmlm
Newsgroups: sslug.teknik
Organization: d-axel.dk

On Mon, 5 Dec 2005 09:45:30 +0100
Klaus wrote:

> Hvis det er pga. det sidste, så kan du bruge mlockall(2). Programmet
> skal dog køre med root-rettigheder, for at få lov til det.

Dejligt at der var et svar! Tak til Klaus. En anden gang vil jeg
søge sådan: "man -k paging".

Hvis det er real-time response er det mlockall(2).

Hvis det er for at UNDGÅ at følsomme oplysninger siger manual page:

       [...] Crypto-
       graphic security software often handles critical bytes  like  passwords
       or secret keys as data structures. As a result of paging, these secrets
       could be transfered onto a persistent swap  store  medium,  where  they
       might  be  accessible to the enemy long after the security software has
       erased the secrets in RAM and terminated.  For  security  applications,
       only small parts of memory have to be locked, for which mlock is avail-
       able.




-- 
donald_j_axel donax snabela get2net.dk -- http://d-axel.dk/

References

No swap program
From: Peter Toft, 2005-12-04
Re: No swap program
From: Klaus S. Madsen, 2005-12-05