Re: [PATCH encrypted swsusp 1/3] core functionality

From: Pavel Machek
Date: Thu Apr 14 2005 - 03:28:51 EST

Next message: Li Shaohua: "Re: [PATCH 6/6]suspend/resume SMP support"
Previous message: Coywolf Qi Hunt: "Re: Kernel messages"
In reply to: Bernd Eckenfels: "Re: [PATCH encrypted swsusp 1/3] core functionality"
Next in thread: Andy Isaacson: "encrypted swap (was Re: [PATCH encrypted swsusp 1/3] core functionality)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Ät 14-04-05 03:13:41, Bernd Eckenfels wrote:
> In article <20050413233904.GA31174@xxxxxxxxxxxxxxxxxxx> you wrote:
> > The dmcrypt swap can only be unlocked by the user with a passphrase,
> > which is analogous to how you unlock your ssh private key stored
> > on the disk using a passphrase.
>
> We talk about the unlocked system getting hacked. However I am not why the
> hacker would head for the swap if he can as well read the ram.

Various openssl-s, ssh-s and others are pretty carefull to wipe their
RAM when it is no longer neccessary.
Pavel
--
Boycott Kodak -- for their patent abuse against Java.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Li Shaohua: "Re: [PATCH 6/6]suspend/resume SMP support"
Previous message: Coywolf Qi Hunt: "Re: Kernel messages"
In reply to: Bernd Eckenfels: "Re: [PATCH encrypted swsusp 1/3] core functionality"
Next in thread: Andy Isaacson: "encrypted swap (was Re: [PATCH encrypted swsusp 1/3] core functionality)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]