Encrypted Swap

David Maynor (david.maynor@oit.gatech.edu)
Tue, 07 Aug 2001 13:30:14 -0400


The recovery of deleted information is a large danger, esp. to certain
government agencies and other people who really care that the information
they have is never seen, but implementing such features in the kernel seems
the wrong place to do it. In addition to the swap space, in order to be
effective, you would need to keep the memory in an encrypted state, as well
as your disk. Just encrypting your swap would be akin to ssh to a machine,
telnetting to another machine, then sshing to a 3rd machine. Since your
transfer between machine one and two is in the clear, your entire security
model at that point is compromised. Just encrypting your swap leaves the info
vulnerable in other places.
My suggestion is instead of worrying about the swap space, or the tmp
space, worry about an entire OS security posture (e.g. filesystem, memory,
boot). So if a machine is stolen or compromised, there is an onion of
security protecting you, not just one or two things.

David Maynor
