From: "David Ford" <david@blue-labs.org>
> You can't guarantee much if the machine is physically compromised. In
> the situation of wiping, you probably won't need swap immediately after
> boot so you can afford to execute a script that wipes the file/partition
> then mounts it.
>
> It's all easily accomplished in userspace.
>
> David
>
This all depends on what the circumstances are. If you are talking about
someone being able to walk up to the machine while on and pull the memory
cards, nope we cant stop that with the OS.
That is not what we are trying to do, one of the specific scenarios was the
example of a notebook computer that either was shut off quickly or freezes.
If this notebook is stolen before the system is rebooted presto the crook
has access to everything in the swap. All he has to do is take out the
drive and put it in another system.
The solution to that is encrypted swap.
Marty Poulin
vandal@playnet.com
Lead Programmer
Host/Client Communications
Playnet Inc./Cornered Rat Software
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Aug 15 2001 - 21:00:21 EST