Prosecution based on memory forensics
Nils Faerber
nils.faerber at kernelconcepts.de
Fri Jan 14 10:06:18 CET 2011
Hi!
Am 14.01.2011 09:34, schrieb Werner Koch:
> On Thu, 13 Jan 2011 11:50, nils.faerber at kernelconcepts.de said:
>> I could write a very simple driver which provides a mmap()able memory
>> area which the application can use, protected by the kernel, and which
>> will be automatically cleared upon suspend.
>> Would that solve the problem?
> Yes.
Hmm... cool ;)
>> How much memory are we talking about here? Bytes? Kbytes? Or Mbytes?
> For gpg-agent: 32 bytes. One memory page should be enough for any
> process.
So, what do you think, would it be worth the effort?
If it would help GnuPG and if you would like to use it I would offer to
implement it and try to push it upstream.
> Salam-Shalom,
> Werner
Cheers
nils
--
kernel concepts GbR Tel: +49-271-771091-12
Sieghuetter Hauptweg 48
D-57072 Siegen Mob: +49-176-21024535
http://www.kernelconcepts.de
More information about the Gnupg-users
mailing list