SecurityFocus

RE: When scrubbing secrets in memory doesn't work Nov 14 2002 10:44AM
Michael Wojcik (Michael Wojcik microfocus com) (1 replies)

Re: When scrubbing secrets in memory doesn't work Nov 17 2002 04:49PM
Nicholas Weaver (nweaver CS berkeley edu) (1 replies)

Re: When scrubbing secrets in memory doesn't work Nov 18 2002 04:36PM
Richard Moore (rich westpoint ltd uk) (2 replies)

Nicholas Weaver wrote:
> On Thu, Nov 14, 2002 at 02:44:58AM -0800, Michael Wojcik composed:
> The bigger concern is when the memory is paged to disk, and that
> record may have a much MUCH longer time window. But scrubbing has no
> real effect on this, this is an effect of VM memory management and
> memory-only pinning.
>

It's worth noting that on systems such as linux and solaris, it is easy
to avoid the paging problem by locking the process into memory. This is
accomplished using the system calls mlock(2) and mlockall(2). The former
is probably more suitable as the latter locks all of pages for the
process. This is of course outside the scope of the C (or other
language) definition.

Cheers

Rich.

[ reply ]

Re: When scrubbing secrets in memory doesn't work Nov 18 2002 06:19PM
Peter Watkins (peterw usa net)

Re: When scrubbing secrets in memory doesn't work Nov 18 2002 05:20PM
Florian Weimer (Weimer CERT Uni-Stuttgart DE)