[ale] Swap Memory usage

Stephen Leonard stephen at phynp6.phy-astr.gsu.edu
Sun Sep 21 21:21:43 EDT 2003


Dow Hurst <dhurst at kennesaw.edu> writes:

> So, following this discussion reminds me of a comment by Bob in voice
> and maybe text:
> 
> That swapped out login and passwords could stay around for quite
> awhile if the login program uses swap.
> 
> This could happen, so should a firewall hardened machine not be
> allowed to swap?  Or should the code of the login program be written
> so that those spots in Virtual Memory be overwritten immediately after
> use?  Does anyone know how Openssh handles this or ssh.com?  Thanks,
> Dow

I think the standard method is to use mlock(2) to keep pages
resident in memory.  However, I didn't see any occurences of
it with a quick grep through openssh-3.7.1p1.

stephen



More information about the Ale mailing list