Locking pages in core
Jason Stone
jason-openssh at dfmm.org
Tue Oct 31 21:34:13 EST 2000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Is there any interest in using mlock to lock pages in core so that
potentially sensitive data won't get swapped out to disk? (GnuPG, for
example, does this).
There was a thread on this a long time ago, and it degenerated into a
discussion of crypto-swap, but the question was never answered.
Is there a good reason not to do this? The only one I can think of is
that we'll need to make ssh-agent setuid as mlock requires root
priveleges.
-Jason
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.2 (GNU/Linux)
Comment: See https://private.idealab.com/public/jason/jason.gpg
iD8DBQE5/qAwswXMWWtptckRAhCqAJ91Ei23/vxP1SHmI44dHmEPIPI3FACgkujG
oODCsCvCCgYCYO7ZS71ThBc=
=g0GJ
-----END PGP SIGNATURE-----
More information about the openssh-unix-dev
mailing list