Re: mlock(1)

From: Pavel Machek
Date: Thu Sep 30 2004 - 09:09:00 EST

Next message: John Cherry: "Re: Linux 2.6.9-rc3 (compile stats)"
Previous message: Pavel Machek: "Re: Using certain graphics cards on non-x86 systems?"
In reply to: Andrea Arcangeli: "Re: mlock(1)"
Next in thread: Nigel Cunningham: "Re: mlock(1)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi!

> > That's fine for the never-enter-a-password case, but for the
> > suspend-case, it's not so good since i want to close the lid and pack
> > away the notebook. Two scenarios, two implementations.
>
> Your "close-lid with suspend-to-disk" without ever asking password in
> suspend is fundamentally unfixable, unless you use public key
> encryption, but for it to be secure you've to store in your brain and
> type >128 chars at every resume...

?? You can store private key on harddrive and encrypt it by
symmetric crypto. No need for that huge passphrases.

> But it's not secure anyways without encryption since the memory freed by
> mozilla where the credit card was, could be dumped into the swap space
> if it was only partially reused as slab etc.. I mean, even normal
> swapping is insecure on a laptop, but suspend make it worse.

I believe this should be fixed, first. Then we can work on suspend/resume...

Pavel
--
64 bytes from 195.113.31.123: icmp_seq=28 ttl=51 time=448769.1 ms

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: John Cherry: "Re: Linux 2.6.9-rc3 (compile stats)"
Previous message: Pavel Machek: "Re: Using certain graphics cards on non-x86 systems?"
In reply to: Andrea Arcangeli: "Re: mlock(1)"
Next in thread: Nigel Cunningham: "Re: mlock(1)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]