You missed some scenarios. Suppose I run a server that uses crypto.
If swap is unencrypted, all the session keys for the past year might
be laying around on swap. If swap is encrypted, only the session keys
since the last boot are accessible, at most. Therefore, using encrypted
swap clearly reduces the impact of a compromise of your machine (whether
through theft or through penetration). This is a good property.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Tue Aug 07 2001 - 21:00:49 EST