Re: Handling of raw passwords, quoting, escaping
Steven Chamberlain a écrit, le 27/03/2012 01:12:
Because I'm really, really paranoid, I don't think raw passwords should
be even written to tempfile/disk, and anything using them should use
memlockall() to avoid them being swapped out to disk.
The secure solution with least work required would be to store those
tmpfiles on a ramfs partition instead of /tmp (which is tmpFS, thus
swappable, contrary to ramfs).
Either let gosa-sync mount a ramfs partition at each run (if the
overhead is acceptable), or have a ramfs partition in fstab for that
kind of use - but the fact ramfs will grow beyond maximum size would be
an issue to handle, if that is indeed true and still the case.
Anyway, the probabilty a small file such as those tmps being paged to
swap in the small time between it is created and rm'ed by gosa-sync is
quite close to zero already.
-- Samuel Krempp