Re: swapfile security weakeness

H. Peter Anvin (hpa@transmeta.com)
Fri, 6 Nov 1998 00:10:41 -0800 (PST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: ketil@ii.uib.no: "Re: The next step: supercomputer via disparate nodes"
Previous message: H. Peter Anvin: "Re: [OFFTOPIC] Re: Hello Chinese student"
Next in thread: Philippe Troin: "Re: swapfile security weakeness"
Reply: Philippe Troin: "Re: swapfile security weakeness"

> > swapon should keep a handle on the inode, which means the file won't
> > be removed from the physical media even if it is unlinked (just like
> > open files aren't.)
>
> Unfortunately, there are a few issues with that:
> - it doesn't work on inodeless FSes (msdosfs)
> - you can't swapoff() a deleted file, leaving minor
> fs corruption on reboot (and major corruption on
> umsdos and the like)
> - since you can't swapoff() the deleted file, you
> can't reclaim the disk space
>
> This basically means that we have a real problem at
> hand that should be fixed.

Sure it works on inodeless filesystems -- *ALL* filesystems are
inode-based as far as the Linux kernel are concerned. However, your
objection about swapoff() is well taken -- we need a variant that can
take an index to a swap area rather than a filename.

-hpa

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: ketil@ii.uib.no: "Re: The next step: supercomputer via disparate nodes"
Previous message: H. Peter Anvin: "Re: [OFFTOPIC] Re: Hello Chinese student"
Next in thread: Philippe Troin: "Re: swapfile security weakeness"
Reply: Philippe Troin: "Re: swapfile security weakeness"