[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Handling of raw passwords, quoting, escaping

Steven Chamberlain a écrit, le 27/03/2012 01:12:
Because I'm really, really paranoid, I don't think raw passwords should
be even written to tempfile/disk, and anything using them should use
memlockall() to avoid them being swapped out to disk.

The secure solution with least work required would be to store those tmpfiles on a ramfs partition instead of /tmp (which is tmpFS, thus swappable, contrary to ramfs). See e.g. http://www.thegeekstuff.com/2008/11/overview-of-ramfs-and-tmpfs-on-linux/ Either let gosa-sync mount a ramfs partition at each run (if the overhead is acceptable), or have a ramfs partition in fstab for that kind of use - but the fact ramfs will grow beyond maximum size would be an issue to handle, if that is indeed true and still the case.

Anyway, the probabilty a small file such as those tmps being paged to swap in the small time between it is created and rm'ed by gosa-sync is quite close to zero already.

-- Samuel Krempp

Reply to: