Re: mlock(1)

From: Andrea Arcangeli
Date: Sat Sep 25 2004 - 09:58:01 EST

Next message: Jean-Luc Cooke: "Re: [PROPOSAL/PATCH] Fortuna PRNG in /dev/random"
Previous message: Christoph Lameter: "Re: [time] add support for CLOCK_THREAD_CPUTIME_ID andCLOCK_PROCESS_CPUTIME_ID"
In reply to: Nigel Cunningham: "Re: mlock(1)"
Next in thread: Pavel Machek: "Re: mlock(1)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, Sep 25, 2004 at 10:21:21PM +1000, Nigel Cunningham wrote:
> There must be some way of being able to check the password is correct
> without compromising security by encrypting static text and storing it
> at a known location! Darned if I know what it is though.

good point! Maybe we can pick random signed chars in a 4k block and
guarantee their sum is always -123456. Would that be secure against
plaintext attack right? It's more like a checksum than a magic number,
but it should be a lot more secure than the "double" typo probability
(and this way the password will be asked only once during resume).
Generating those random numbers will not be the easiest thing though.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jean-Luc Cooke: "Re: [PROPOSAL/PATCH] Fortuna PRNG in /dev/random"
Previous message: Christoph Lameter: "Re: [time] add support for CLOCK_THREAD_CPUTIME_ID andCLOCK_PROCESS_CPUTIME_ID"
In reply to: Nigel Cunningham: "Re: mlock(1)"
Next in thread: Pavel Machek: "Re: mlock(1)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]