A modified version of GnuPG
Werner Koch
wk@gnupg.org
Wed May 22 09:04:02 2002
On Tue, 21 May 2002 21:39:28 +0400, Max V Zinal said:
> When I said "secure memory" I was going to say "VirtualLock under
> Windows NT/2000/XP", which keeps you absolutely safe unless you
I guess you didn't read Peter's papers on this. VirtualLock is not
suitable for this. The only way to protect memory from swapping is by
allocating it with the device helper functions: An ISR may need
memory buffers and these buffers should never be subject to any paging
- the pager may need the service of that ISR - this is the reason why
you are able to allocate non-pageable memory for a device driver.
When GnuPG talks about "secure memory" it actually means "non-pageable
memory". There can't be any protection against an almighty
admin/root/superuser.
Werner