Bug: sensitive data written to insecure memory

Florian Weimer fw at deneb.enyo.de
Wed Apr 4 15:35:09 CEST 2001


Werner Koch <wk at gnupg.org> writes:

> On Wed, 4 Apr 2001, Florian Weimer wrote:
> 
> > Encrypted swap doesn't mean swapping to an encrypted block device.
> > It's better to implement this at a higher level.  So you can use
> > per-process secret keys and discard the keys if the process ceases to
> 
> The Hurd is going to implement it in its Paging server, which is the
> right place to do it.

And in Linux, you change the paging subsystem accordingly.
It's not that much different, is it?

> SCNR,

I must confess that I don't see your point. ;-)


