Warning messages.

Pete Chown Pete.Chown@skygate.co.uk
Mon, 28 Jun 1999 13:42:33 +0100

Michael Roth wrote:

> When you think about you will note that everone who is able to get access
> with privileges to read out the paging area of the disk is also able to
> manipulate the system in all possible ways including substituting the gpg
> binary with a manipulated one.
Isn't the problem that things written to the paging area can be read out after the event? If I was raided by the secret police, there might be something in my paging file that they could use. On the other hand, if they gave me the machine back I would be unlikely to use it without checking very carefully that the gpg binary (and kernel, etc.) had not been interfered with. What would be quite nice is a way of telling the kernel that a particular page must be encrypted before being written to swap. If the machine is powered off, the session key is lost and so the page is unrecoverable. This would be better than locking a page in physical memory because there would be no need to restrict its use. The CPU time taken to encrypt and decrypt would be charged to the process concerned so it would not introduce any scheduling "unfairness". ----------------------------------------------------------------------- Pete Chown, email pc@skygate.co.uk, phone +44 (0) 181 680 8393, fax +44 (0) 181 688 8013, mobile +44 (0) 468 765 645, post 58 Foss Avenue, Croydon, CR0 4EU, England