Well, for general-not-expected-outage; an UPS will do. It's more like the
unexpected: some criminal manages to reach the server, unplugs it, etc.
Ok, he'll have some expensive hardware then, but the data is at least not
readable (and you're also glad you stored those backup-tapes somewhere
else).
> But "swap space" is different: It is completely acceptable if the
> kernel grabs a random key from the entropy pool on the first swap.
Hmmmm, that's an extremely good point! Didn't think of that. Maybe
something like; generate x bytes (where x = pagesize) of random data
(from entropy-pool) and do a xor for every page you're about to write
down. But then; if some application swapps out 20 pages of a regular
pattern; all 0x00's or whatsoever (all 0x34, all 0x8d, doesn't matter).
You will be able to re-calculate back the original key. Still, this
one-time key is really a fine idea!
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/