1995-10-28 - Re: Linux security issues

Header Data

From: frantz@netcom.com (Bill Frantz)
To: Paul Koning 1695 <pkoning@chipcom.com>
Message Hash: ecb886e9aaae14d50f450ea103f0aab32fd2e58b501e331c9cb44ef192253e81
Message ID: <199510281804.LAA14320@netcom15.netcom.com>
Reply To: N/A
UTC Datetime: 1995-10-28 18:26:39 UTC
Raw Date: Sun, 29 Oct 1995 02:26:39 +0800

Raw message

From: frantz@netcom.com (Bill Frantz)
Date: Sun, 29 Oct 1995 02:26:39 +0800
To: Paul Koning               1695 <pkoning@chipcom.com>
Subject: Re: Linux security issues
Message-ID: <199510281804.LAA14320@netcom15.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>>Actually keeping the pass phrase out of swap space is fairly easy (although
>>I havn't looked at the PGP code to see if it actually does this).
>>...
>>However, the pass phrase is not the only dangerous information.
>>...
>>N.B. This problem affects all virtual memory operation systems.
>
>Not all of them.  In at least one (VMS) you can pin pages in physical 
>memory,

Good point.  Too bad the invocations of pinning aren't portable.  Maybe in
the next POSIX.

>Actually, any OS that does I/O directly to user pages has that capability in 
>the kernel...

All the OSs I am familar with pin the pages only for the duration of the
I/O operation.  After the I/O has completed, the page can be swapped out. 
What you really need is to pin the page in memory (with an implicit
contract with your OS that it won't be written to swap space while it is
pinned), put the sensitive information in the page, use the information,
wipe the information, and un-pin the page.

I wonder if NSA has built a virus to collect PGP keys?

Bill







Thread