Mailing List Archive



Re: [tlug] search for encrypted information exchange



On 2009-08-24 18:37 +0200 (Mon), Francois Cartegnie wrote:

> On Monday 24 August 2009, Curt Sampson wrote:
> > We have a bit of code for vim that, when we open an encrypted file, will
> > turn off all swapping for that file and then filter it through "gpg
> 
> What do you mean by "turn off all swapping for that file"?

I mean that vim will no longer write any temporary files to disk; the
data reside only in memory.

> Turn off the whole system swap (or play with the swappiness params) so
> it never swaps your editor process pages? Or just flag the process to
> keep its pages out of swap? (which I never heard about).

You can flag memory never to be swapped, but there's no real need so
long as you reboot reasonably frequently. The encryption key for your
swap partition (if your system is set up properly) is a random value
generated at boot time, so after you shut down it's lost* and the swap
partition contents can no longer be recovered.

* Modulo the usual attacks involving getting the key out of the DRAM
of the now-shut-down machine by reading the trace currents left in the
capacitors.

cjs
-- 
Curt Sampson       <cjs@example.com>        +81 90 7737 2974
           Functional programming in all senses of the word:
                   http://www.starling-software.com
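
The message's condition that swap be keyed with a random value generated at boot can be checked on a host. The following is an added example, not part of the original message: it assumes Linux dm-crypt with the crypttab(5) field layout, and the function names, verdict labels and sample data are constructed for illustration.

```python
# Added example, not from the original post. Assumes Linux dm-crypt and the
# crypttab(5) field layout: <name> <device> <keyfile> <options>.
EPHEMERAL_KEYS = {"/dev/urandom", "/dev/random"}   # key sources that die with the boot

def parse_crypttab(text):
    """Return {mapping_name: (keyfile, set_of_options)}."""
    entries = {}
    for raw in text.splitlines():
        fields = raw.split()
        if len(fields) < 2 or fields[0].startswith("#"):
            continue
        keyfile = fields[2] if len(fields) > 2 else "none"
        options = set(fields[3].split(",")) if len(fields) > 3 else set()
        entries[fields[0]] = (keyfile, options)
    return entries

def audit_swap(crypttab_text, proc_swaps_text, dm_names=None):
    """Map each swap device to a verdict; dm_names is {"dm-0": name} from sysfs."""
    dm_names = dm_names or {}
    entries = parse_crypttab(crypttab_text)
    verdicts = {}
    for line in filter(str.strip, proc_swaps_text.splitlines()[1:]):  # skip header
        dev = line.split()[0]
        base = dev.rsplit("/", 1)[-1]
        name = dm_names.get(base, base if dev.startswith("/dev/mapper/") else None)
        if name not in entries:
            verdicts[dev] = "no-crypttab-entry"    # pages may stay readable on disk
            continue
        keyfile, options = entries[name]
        ephemeral = keyfile in EPHEMERAL_KEYS and "swap" in options
        verdicts[dev] = "ephemeral-key" if ephemeral else "persistent-key"
    return verdicts

# Constructed sample input, not taken from any real host.
SAMPLE_CRYPTTAB = """\
# <name>   <device>   <keyfile>           <options>
cryptswap  /dev/sda2  /dev/urandom        swap,cipher=aes-xts-plain64,size=256
oldswap    /dev/sdb2  /etc/keys/swap.key  swap
"""
SAMPLE_PROC_SWAPS = """\
Filename              Type       Size     Used  Priority
/dev/dm-0             partition  2097148  0     -2
/dev/mapper/oldswap   partition  1048572  0     -3
/dev/sdc1             partition  524284   0     -4
"""
SAMPLE_DM_NAMES = {"dm-0": "cryptswap"}            # as /sys/block/dm-0/dm/name would report

if __name__ == "__main__":
    for dev, verdict in audit_swap(SAMPLE_CRYPTTAB, SAMPLE_PROC_SWAPS, SAMPLE_DM_NAMES).items():
        print(f"{dev}: {verdict}")
```

On a live system the three inputs would come from `/etc/crypttab`, `/proc/swaps` and `/sys/block/dm-*/dm/name`; a `/dev/dm-N` device with no name supplied is reported as `no-crypttab-entry`.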

