Bug: sensitive data written to insecure memory

Werner Koch wk at gnupg.org
Thu Apr 5 13:31:10 CEST 2001


On Thu, 5 Apr 2001, Oleg Smolsky wrote:

> running on the NT branch. Here are the user mode functions that are
> relevant:
> VirtualAlloc() and VirtualFree()
> VirtualLock() and VirtualUnlock()

No, that does not work.  See Peter Gutmann's papers and mails on
this issue.  VirtualLock does only lock the pages as long as the
process is active - if the whole process gets swapped out those
pages are also swapped.

The only way to do this under Windows or NT is by writing a dummy
device driver because they can allocate non-pageable memory (which
is needed for Interrupt handlers).  soundcode.com has such a driver
but the license is not of much use because it is a non-commercial use
only one.

  Werner
  

-- 
Werner Koch        Omnis enim res, quae dando non deficit, dum habetur
g10 Code           et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions                                        -- Augustinus



