Re: Unswappable memory needed in user space

Richard B. Johnson (root@chaos.analogic.com)
Tue, 8 Dec 1998 12:02:32 -0500 (EST)


On Tue, 8 Dec 1998 christophe.leroy5@capway.com wrote:

> I'm making a crypto program (under French law).
> It crypts a file and then totally erases the uncrypted by filling it with
> zero.
>

This doesn't mean that the null-fill will actually get to the physical
device. Further, filling with a known data-type will allow the data
to be recovered by hardware means.

> My problem is that if the crypting process is swapped out during
> crypting, one could be able to recover parts of uncrypted file
> in swap partition.
>

`man chmod` Only the owner of the swap-file can read it. This should
not be a user. It should be root. If root isn't trusted, you need
to find a non-unix OS for your application.

> Is there a way to malloc a non swappable part of memory ?

Just `swapoff -a`. Now the swapfile isn't used at all. Do your
memory allocation in a conservative manner so you don't run
out. In other words, allocate only the buffer size you need and
deallocate them when they no longer contain data you are using.

Cheers,
Dick Johnson
***** FILE SYSTEM WAS MODIFIED *****
Penguin : Linux version 2.1.131 on an i686 machine (400.59 BogoMips).
Warning : It's hard to remain at the trailing edge of technology.
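
The question quoted above asks for memory that cannot be swapped out. As an added example (not part of the original thread), POSIX `mlock(2)` pins chosen pages in RAM for a single process while swap stays enabled for everything else; the helper names `locked_alloc`, `locked_free` and `wipe` are hypothetical, and the plaintext string is constructed.

```c
/* Added example, not from the thread. Helper names are hypothetical. */
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE            /* MAP_ANONYMOUS under strict -std= modes */
#endif
#include <errno.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Zero through a volatile pointer so the compiler cannot elide the stores. */
static void wipe(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* Map whole pages and pin them in RAM. *len is rounded up to the page size.
 * Returns NULL with errno set if the kernel refuses the lock, for example
 * when RLIMIT_MEMLOCK is too small for an unprivileged process. */
static void *locked_alloc(size_t *len)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    size_t n = (*len + page - 1) / page * page;
    void *p = mmap(NULL, n, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return NULL;
    if (mlock(p, n) != 0) {        /* never use the buffer if it is not pinned */
        int saved = errno;
        munmap(p, n);
        errno = saved;
        return NULL;
    }
    *len = n;
    return p;
}

/* Wipe while the pages are still locked, then unlock and unmap. */
static void locked_free(void *p, size_t n)
{
    wipe(p, n);
    munlock(p, n);
    munmap(p, n);
}

int main(void)
{
    size_t len = 4096;                       /* room for one plaintext chunk */
    unsigned char *buf = locked_alloc(&len);
    if (!buf) return 1;                      /* fail closed: no lock, no work */
    memcpy(buf, "constructed plaintext", 22);
    locked_free(buf, len);
    return 0;
}
```

Locked pages are not written to swap, but suspend-to-disk can still copy all of RAM to storage, so this covers the swap-out case only.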
