On Sun, Aug 20, 2000 at 07:18:02PM -0500, Scott G. Miller wrote: > > > > This might not be a wonderful idea. Putting the data to disk and > > having the plaintext on disk may not be a truly wonderful idea (ever > > heard of an electron scanning microscope?).
> Remember though, that these are the debugging clients, and do not reflect > what a real client should do. However, I agree that we should allow input > from stdin on insert for the security reason. For all the keytypes, data > will have to be written to disk, but the data would have been through the > encryption pass already. This isn't paranoid enough. For starters, the client should be written in C or C++ so it can get the low level memory access necessary. Second, the client should lock all buffers containing plaintext so it cannot be swapped (this should be an option (by default on) - it is unnecessary if someone is using an encrypted swap). The plaintext should never touch the disk (and being swapped counts as touching the disk). -- Travis Bemann Sendmail is still screwed up on my box. My email address is really bemann at execpc.com. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 1284 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20000820/6d2266d8/attachment.pgp>
