Sat, 25 Jan 2003 20:16:12 +0100
On Sat, 25 Jan 2003 17:29:52 +0100, Simon Josefsson said:
> That seems bad. Is there any work going on to make it possible for
> user-level code to allocate secure memory from the kernel (possibly
> via libc)?
A long time ago, a patch was proposed to allow for a ulimit-
controlled amount of non-pageable memory but rejected by Linux. I
talked with David Miller about this but he also objected and said that
the (at that time new) capabilities should be used for this - well
this does not solve the library problem.
> If not, I fear that making applications setuid in order for secure
> memory to be available creates more security problems than it solves.
In general I think this secure memory is not really required and
operations with sensitive data should better be handled by a dedicated
process, like gpg-agent.
> used without support from the application using my library, I want to
> use libgcrypt without secure memory, and for this to happen silently.
I am going to change it in this way.
> This is what I'll do, with the "default init" being: