Prosecution based on memory forensics
nils.faerber at kernelconcepts.de
Fri Jan 14 10:06:18 CET 2011
Am 14.01.2011 09:34, schrieb Werner Koch:
> On Thu, 13 Jan 2011 11:50, nils.faerber at kernelconcepts.de said:
>> I could write a very simple driver which provides a mmap()able memory
>> area which the application can use, protected by the kernel, and which
>> will be automatically cleared upon suspend.
>> Would that solve the problem?
Hmm... cool ;)
>> How much memory are we talking about here? Bytes? Kbytes? Or Mbytes?
> For gpg-agent: 32 bytes. One memory page should be enough for any
So, what do you think, would it be worth the effort?
If it would help GnuPG and if you would like to use it I would offer to
implement it and try to push it upstream.
kernel concepts GbR Tel: +49-271-771091-12
Sieghuetter Hauptweg 48
D-57072 Siegen Mob: +49-176-21024535
More information about the Gnupg-users