nisse@lysator.liu.se (Niels Möller) writes: > > Doesn't the Hurd have mlock() ? > > I think most systems don't have mlock available for mortal users. > Right? I only know that Linux does not allow it unless you have the CAP_IPC_LOCK capability. Which on most systems means, that you need root. I consider this a bug. But this was not the problem, as I issued the command as root. > A better approach is to simply encrypt pages that are swapped out > (either all swap, or configurable per user or per process). That incurs significant overhead. Of the 76 processes running on this box right now, only two need that level of security at the moment. These are served fine with mlock(), IMHO. -- Robbe
Attachment:
signature.ng
Description: PGP signature