Steven Chamberlain a écrit, le 27/03/2012 01:12:
Because I'm really, really paranoid, I don't think raw passwords should be even written to tempfile/disk, and anything using them should use memlockall() to avoid them being swapped out to disk.
The secure solution with least work required would be to store those tmpfiles on a ramfs partition instead of /tmp (which is tmpFS, thus swappable, contrary to ramfs). See e.g. http://www.thegeekstuff.com/2008/11/overview-of-ramfs-and-tmpfs-on-linux/ Either let gosa-sync mount a ramfs partition at each run (if the overhead is acceptable), or have a ramfs partition in fstab for that kind of use - but the fact ramfs will grow beyond maximum size would be an issue to handle, if that is indeed true and still the case.
Anyway, the probabilty a small file such as those tmps being paged to swap in the small time between it is created and rm'ed by gosa-sync is quite close to zero already.
regards, -- Samuel Krempp