
The Friday 2005-11-18 at 02:26 +0100, miguel gmail wrote:

> Sorry to break the thread... but, what's the point of encrypting the swap?

Thinking aloud [.....] a swap device might be readable by some users, while the system is running. Let's see, mine has permissions:

    brw-rw---- 1 root disk 3, 9 2005-10-07 02:48 /dev/hda9

so someone in group "disk" could do it (users cannot read other users' memory, the kernel does not permit it).

Otherwise, someone with physical access to your PC might pull the plug at some inconvenient time, then use a rescue CD thing to read the swap partition, which, that being as I said an inconvenient time, might, for example, have the copy of an important document that was swapped out from memory.

Or [more thinking] when the system is suspended to swap, all memory is swapped out, and then accessible by the above method (although I don't know if a suspend to encrypted swap works). For instance, while suspended, a normal encrypted partition passphrase is saved in the clear in the swap, and therefore, vulnerable.

Just some ideas... perhaps there is something more.

-- 
Cheers,
       Carlos Robinson
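Added example, not part of the original mail: a Python check for the first concern above, reporting which active swap areas can be read by a group or by every local user, and who is in that group. The `/proc/swaps` sample is constructed, and the `stat_fn`/`group_fn` parameters are hypothetical hooks so the check can be exercised without real devices.

```python
import grp
import os
import stat

# Constructed sample of /proc/swaps contents (not from the original mail).
SAMPLE_PROC_SWAPS = """\
Filename                                Type            Size    Used    Priority
/dev/hda9                               partition       1052216 20480   -1
/dev/mapper/cryptswap                   partition       2097148 0       -2
"""


def swap_paths(proc_swaps_text):
    """Return the path of every active swap area listed in /proc/swaps text."""
    rows = proc_swaps_text.splitlines()[1:]          # first row is the header
    return [row.split()[0] for row in rows if row.strip()]


def audit_swap(proc_swaps_text, stat_fn=os.stat, group_fn=grp.getgrgid):
    """Map each swap path to a list of findings about who besides root can read it."""
    report = {}
    for path in swap_paths(proc_swaps_text):
        st = stat_fn(path)                           # follows /dev/mapper symlinks
        findings = []
        if st.st_mode & stat.S_IRGRP:
            group = group_fn(st.st_gid)
            members = ", ".join(group.gr_mem) or "no supplementary members"
            findings.append("readable by group %s (%s)" % (group.gr_name, members))
        if st.st_mode & stat.S_IROTH:
            findings.append("readable by every local user")
        report[path] = findings
    return report


if __name__ == "__main__":
    # On a live system, audit the real swap areas instead of the sample.
    with open("/proc/swaps") as fh:
        for path, findings in audit_swap(fh.read()).items():
            print(path, "->", "; ".join(findings) or "root only")
```

An empty finding list only means the device node is root-only while the system runs; it says nothing about reading the partition offline, which is the case encryption addresses.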