[Haskell-cafe] Re: A suggestion for the next high profile Haskell project

Brandon S. Allbery KF8NH allbery at ece.cmu.edu
Mon Dec 18 20:11:05 EST 2006


On Dec 18, 2006, at 18:26 , ls-haskell-developer-2006 at m-e-leypold.de  
wrote:

>
> Tomasz Zielonka <tomasz.zielonka at gmail.com> writes:
>
>> On Mon, Dec 18, 2006 at 11:57:59PM +0100, ls-haskell- 
>> developer-2006 at m-e-leypold.de wrote:
>>> ... but I wonder: GPG, AFAIK undertakes some special measures to
>>> ensure that neither clear text nor private keys are paged out to the
>>> disk (since it might be recovered from there by "the enemy"). How
>>> would you lock data in memory in Haskell? Would that be possible?
>>>
>>> It seems to me that all participants in this thread have missed this
>>> point so far.
>>
>> You could just mlock() everything allocated by the RTS...
>
> Brute force. :-) Certainly the most simple way to do it. But is that
> option already here (say in ghc), or would one have to patch the
> runtime for that?

Note also that this requires setuid root (yes, in gpg as well) --- so  
you are trading one known security issue for an unknown number of  
others.

-- 
brandon s. allbery    [linux,solaris,freebsd,perl]     allbery at kf8nh.com
system administrator [openafs,heimdal,too many hats] allbery at ece.cmu.edu
electrical and computer engineering, carnegie mellon university    KF8NH





More information about the Haskell-Cafe mailing list