mlockability

Juan Carlos Castro y Castro (jcastro@appi.com.br)
Wed, 15 Sep 1999 11:37:09 -0300



Hi! This probably has been mentioned before, but what the heck.

Users of GnuPG are often baffled as to why its executable has to be
suid root or else it gives ominous warnings about "insecure memory". The
reason is the memory it allocates for sensitive data (like a user's
passphrase) might be copied to the swap partition and thus be vulnerable
to a moderately sophisticated attack. To make a region of memory
un-swappable, one uses the mlock(2) call, which only root has the right
to use. Hence the suid.

Couldn't there be a kernel option (maybe tunable by /proc/something)
through which the kernel could grant a limited amount of mlock-able
memory for each non-root process? This could default to 0 but be
increased when sensitive software is being used.
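
The locking step this message describes, as an added example that is not part of the original post and is not GnuPG's code: it pins a passphrase buffer with mlock(2), records the failure that GnuPG reports as "insecure memory", and prints RLIMIT_MEMLOCK, the per-process limit on lockable memory that applies to unprivileged processes on Linux 2.6.9 and later. The `secbuf` type and its functions are hypothetical names, and the passphrase is a constructed sample.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/resource.h>
#include <unistd.h>

/* Hypothetical helper type: a page-aligned buffer holding a secret. */
struct secbuf {
    unsigned char *p;
    size_t len;   /* rounded up to whole pages */
    int locked;   /* 1 if mlock() succeeded, 0 if the pages may reach swap */
    int err;      /* errno from mlock() when locked == 0 */
};

/* Allocate `want` bytes and try to pin them in RAM; returns 0, or -1 on error. */
int secbuf_alloc(struct secbuf *b, size_t want) {
    long pg = sysconf(_SC_PAGESIZE);
    memset(b, 0, sizeof *b);
    if (pg <= 0 || want == 0) return -1;
    b->len = (want + (size_t)pg - 1) / (size_t)pg * (size_t)pg;
    if (!(b->p = aligned_alloc((size_t)pg, b->len))) return -1;
    b->locked = (mlock(b->p, b->len) == 0);
    b->err = b->locked ? 0 : errno;   /* EPERM or ENOMEM: locking refused */
    return 0;
}

/* Wipe via a volatile pointer so the stores are not optimised away, then release. */
void secbuf_free(struct secbuf *b) {
    volatile unsigned char *v = b->p;
    if (!b->p) return;
    for (size_t i = 0; i < b->len; i++) v[i] = 0;
    if (b->locked) munlock(b->p, b->len);
    free(b->p);
    memset(b, 0, sizeof *b);
}

int main(void) {
    struct secbuf b; struct rlimit rl;
    if (getrlimit(RLIMIT_MEMLOCK, &rl) == 0)   /* per-process lockable bytes */
        printf("RLIMIT_MEMLOCK soft limit: %llu\n", (unsigned long long)rl.rlim_cur);
    if (secbuf_alloc(&b, 64) != 0) return 1;
    if (!b.locked)   /* the situation GnuPG reports as "insecure memory" */
        fprintf(stderr, "warning: buffer not locked: %s\n", strerror(b.err));
    memcpy(b.p, "constructed-passphrase", 23);   /* constructed sample secret */
    secbuf_free(&b);
    return 0;
}
```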
