Bugtraq mailing list archives

Re: When scrubbing secrets in memory doesn't work

From: Richard Moore <rich () westpoint ltd uk>
Date: Mon, 18 Nov 2002 16:36:57 +0000

Nicholas Weaver wrote:

On Thu, Nov 14, 2002 at 02:44:58AM -0800, Michael Wojcik composed:
The bigger concern is when the memory is paged to disk, and that
record may have a much MUCH longer time window.  But scrubbing has no
real effect on this, this is an effect of VM memory management and
memory-only pinning.

It's worth noting that on systems such as linux and solaris, it is easyto avoid the paging problem by locking the process into memory. This isaccomplished using the system calls mlock(2) and mlockall(2). The formeris probably more suitable as the latter locks all of pages for theprocess. This is of course outside the scope of the C (or otherlanguage) definition.


Cheers

Rich.

Current thread:

Re: When scrubbing secrets in memory doesn't work, (continued)
- Re: When scrubbing secrets in memory doesn't work Perry E. Metzger (Nov 05)
  - Re: When scrubbing secrets in memory doesn't work Andy Polyakov (Nov 07)
- Re: When scrubbing secrets in memory doesn't work Gianni Tedesco (Nov 07)
  - Re: When scrubbing secrets in memory doesn't work Valdis . Kletnieks (Nov 08)
- Re: When scrubbing secrets in memory doesn't work Michael Zimmermann (Nov 09)
  - Re: When scrubbing secrets in memory doesn't work Jan Echternach (Nov 14)
- When scrubbing secrets in memory doesn't work Michael Howard (Nov 09)
- RE: When scrubbing secrets in memory doesn't work Michael Wojcik (Nov 12)
- RE: When scrubbing secrets in memory doesn't work Michael Wojcik (Nov 17)
  - Re: When scrubbing secrets in memory doesn't work Nicholas Weaver (Nov 18)
    - Re: When scrubbing secrets in memory doesn't work Richard Moore (Nov 20)
    - Re: When scrubbing secrets in memory doesn't work Florian Weimer (Nov 18)
    - Re: When scrubbing secrets in memory doesn't work Peter Watkins (Nov 19)