[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] How do I encrypt the swap (partition[s]) under SuSE 9.3 Prof ?

Hash: SHA1

The Friday 2005-11-18 at 02:26 +0100, miguel gmail wrote:

> Sorry to break the thread... but, what's the point to encrypt the swap?

Thinking aloud [.....] a swap device might be readable by some users, 
while the system is running. Lets see, mine has permissions:

brw-rw----  1 root disk 3, 9 2005-10-07 02:48 /dev/hda9

so someone in group "disk" could do it (users can not read other users 
memory, the kernel does not permit it). Otherwise, someone with physical 
access to your PC might pull the plug at some inconvenient time, then use a 
rescue CD thing to read the swap partition, that being as I said an 
inconvenient time, might, for example, have the copy of an important 
document that was swapped out from memory. Or [more thinking] when the 
system is suspended to swap, all memory is swapped out, and then accessible 
by the above method (although I don't know if a suspend to encrypted swap 
works). For instance, while suspended, a normal encrypted partition 
paraphrase is saved in clear in the swap, and therefore, vulnerable.

Just some ideas... perhaps there is something more.

- -- 
       Carlos Robinson

Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Made with pgp4pine 1.76


Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here