Secure text editor?

Alessandro Vesely vesely at tana.it
Fri May 18 09:27:55 CEST 2007


Ryan Malayter wrote:
> On 5/17/07, Alessandro Vesely <vesely at tana.it> wrote:
>> Not quite. That may happen as an undocumented side effect on some
>> (or all) OS versions, and is not what the function is meant to do.
> 
> The documentation clearly states:
> "These pages are guaranteed not to be written to the pagefile while
> they are locked."

Ooops, I hadn't noticed that. Yes, then VirtualAlloc and VirtualLock
can be used to avoid leaving traces of sensitive data on the swap
file in the way you described (i.e. lock before fill and sweep before
unlock.)

I still think that's not the kind of task that the function has been
designed for. The authorization constrain you mentioned and other
possible side effect tend to make it unpractical for naive usage.

However, a background console app that allocates a few memory pages
for storing sensitive data (e.g. a gpg agent?) should use it to increase
data security.




More information about the Gnupg-users mailing list