[Haskell-cafe] Re: A suggestion for the next high profile Haskell
project
Brandon S. Allbery KF8NH
allbery at ece.cmu.edu
Mon Dec 18 20:11:05 EST 2006
On Dec 18, 2006, at 18:26 , ls-haskell-developer-2006 at m-e-leypold.de
wrote:
>
> Tomasz Zielonka <tomasz.zielonka at gmail.com> writes:
>
>> On Mon, Dec 18, 2006 at 11:57:59PM +0100, ls-haskell-
>> developer-2006 at m-e-leypold.de wrote:
>>> ... but I wonder: GPG, AFAIK undertakes some special measures to
>>> ensure that neither clear text nor private keys are paged out to the
>>> disk (since it might be recovered from there by "the enemy"). How
>>> would you lock data in memory in Haskell? Would that be possible?
>>>
>>> It seems to me that all participants in this thread have missed this
>>> point so far.
>>
>> You could just mlock() everything allocated by the RTS...
>
> Brute force. :-) Certainly the most simple way to do it. But is that
> option already here (say in ghc), or would one have to patch the
> runtime for that?
Note also that this requires setuid root (yes, in gpg as well) --- so
you are trading one known security issue for an unknown number of
others.
--
brandon s. allbery [linux,solaris,freebsd,perl] allbery at kf8nh.com
system administrator [openafs,heimdal,too many hats] allbery at ece.cmu.edu
electrical and computer engineering, carnegie mellon university KF8NH
More information about the Haskell-Cafe
mailing list