Date:      Wed, 19 Jul 2000 16:55:34 -0400 (EDT)
From:      Robert Watson <rwatson@FreeBSD.ORG>
To:        Mike Silbersack <silby@silby.com>
Cc:        Sheldon Hearn <sheldonh@uunet.co.za>, Joachim Strömbergson <watchman@ludd.luth.se>, Greg Lewis <glewis@trc.adelaide.edu.au>, freebsd-security@FreeBSD.ORG
Subject:   Re: Status of FreeBSD security work? Audit, regression and crypto swap? 
Message-ID:  <Pine.NEB.3.96L.1000719165025.73365A-100000@fledge.watson.org>
In-Reply-To: <Pine.BSF.4.21.0007181838570.28415-100000@achilles.silby.com>

On Tue, 18 Jul 2000, Mike Silbersack wrote:

> On Tue, 18 Jul 2000, Sheldon Hearn wrote:
> 
> > Is it really cool?  I've always thought that crypted swap is a waste of
> > time, given the fact that access to the swap device implies far more
> > serious problems already.  Now that we have a reference to Niels' paper,
> > though, we can see what his motivation for developing this was.
> 
> Well, according to Niels's research, he found old passwords, passphrases,
> and many other such pieces of data sitting around in his swap
> file.  Hence, one obtaining access to the swap file does have greater
> knowledge than they would with a crypted swap.  His paper seems well
> written, I suggest that you read it.

I've broken systems in test environments using exploited kmem access to
extract password information from mbufs.  Access to kernel memory space,
be it via persistent swap or live /dev/mem or /dev/kmem, is a big no-no
from a security perspective.

Personally, my big fear is my notebook computer.  I can encrypt data on it
using command line tools, but I'd much rather see a device layer that I
can use to protect both swap and sensitive partitions.  Swap could use a
randomized key, and mounting of data partitions could rely on a
user-provided key for the device layer.  A crypto-fs might be more fun,
but if we have the facility to layer device access, we might as well use
that for a quicky solution.  It's easy for someone to walk off with
personal computing devices -- in the office, at home, at the airport, ...

  Robert N M Watson 

robert@fledge.watson.org              http://www.watson.org/~robert/
PGP key fingerprint: AF B5 5F FF A6 4A 79 37  ED 5F 55 E9 58 04 6A B1
TIS Labs at Network Associates, Safeport Network Services


