On Tue, 31 Oct 2000, Jason Stone wrote:
: Is there any interest in using mlock to lock pages in core so that
: potentially sensitive data won't get swapped out to disk? (GnuPG, for
: example, does this).
:
: There was a thread on this a long time ago, and it degenerated into a
: discussion of crypto-swap, but the question was never answered.
:
: Is there a good reason not to do this? The only one I can think of is
: that we'll need to make ssh-agent setuid as mlock requires root
: privileges.

I think it's worthwhile to pursue this. My first thought is some type
of secmem library à la gpg. I think OpenSSH is already careful about
clearing buffers that have held sensitive data asap, but it would be
better to place this data in non-swappable segments in the first place.
For HP-UX:
11.0 supports mlock(2) and it doesn't require root if you use the
privgrp(4) mechanism.
10.20 has plock(2) which isn't as fine-grained as mlock() and basically
permits you to lock the entire data segment. plock() supports privgrp
as well. I think there's an mlock() stub in libc that will just raise
SIGSYS.
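As an added illustration of the "secmem library à la gpg" idea floated above (this is example code written for this page, not code from the thread, from OpenSSH or from GnuPG), here is a minimal allocator that maps anonymous pages, pins them with mlock(2), and wipes them before handing them back. It assumes a POSIX system with mmap(2)/mlock(2) (Linux, or HP-UX 11.0 with the privgrp(4) setup described in the reply); it does not cover the plock(2) path on HP-UX 10.20. The names secmem_alloc, secmem_free and secmem_wipe are invented for the example.

```c
/* Added example: secmem-style locked allocation (not OpenSSH/GnuPG code).
 * Assumes mmap(2) and mlock(2); an unprivileged process may lock a few
 * pages within RLIMIT_MEMLOCK on Linux. */
#define _DEFAULT_SOURCE
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

struct secmem {
    void  *ptr;     /* page-aligned region returned by mmap */
    size_t len;     /* bytes the caller asked for */
    size_t mapped;  /* bytes actually mapped (rounded up to pages) */
    int    locked;  /* 1 once mlock succeeded */
};

/* mlock works on whole pages, so round the request up. */
static size_t secmem_round(size_t n) {
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    return ((n + page - 1) / page) * page;
}

/* Zero a buffer through a volatile pointer so the compiler cannot
 * drop the stores as "dead" (plain memset before free often is). */
void secmem_wipe(void *p, size_t n) {
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (n--) *v++ = 0;
}

/* Helper for checking that a wipe really happened. */
int secmem_is_zero(const void *p, size_t n) {
    const unsigned char *b = (const unsigned char *)p;
    for (size_t i = 0; i < n; i++)
        if (b[i] != 0) return 0;
    return 1;
}

/* Map n bytes of anonymous memory and pin it in core. Returns 0 on
 * success, -1 with errno set on failure. If mlock fails (typically
 * EPERM or ENOMEM when RLIMIT_MEMLOCK is exhausted) the mapping is
 * released rather than handed out unlocked: a secret should never
 * land silently in swappable pages. */
int secmem_alloc(struct secmem *s, size_t n) {
    memset(s, 0, sizeof *s);
    size_t mapped = secmem_round(n);
    void *p = mmap(NULL, mapped, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return -1;
    if (mlock(p, mapped) != 0) {
        int saved = errno;
        munmap(p, mapped);
        errno = saved;
        return -1;
    }
    s->ptr = p;
    s->len = n;
    s->mapped = mapped;
    s->locked = 1;
    return 0;
}

/* Wipe first, then unlock and unmap, so the pages are already zero
 * when they return to the kernel's free pool. */
void secmem_free(struct secmem *s) {
    if (!s->ptr) return;
    secmem_wipe(s->ptr, s->mapped);
    munlock(s->ptr, s->mapped);
    munmap(s->ptr, s->mapped);
    memset(s, 0, sizeof *s);
}

int main(void) {
    struct secmem s;
    if (secmem_alloc(&s, 64) != 0) {
        perror("secmem_alloc");   /* e.g. RLIMIT_MEMLOCK too small */
        return 1;
    }
    /* Constructed sample secret; a real agent would hold a private key here. */
    memcpy(s.ptr, "constructed-sample-secret", 26);
    printf("locked %zu bytes at %p\n", s.mapped, s.ptr);
    secmem_free(&s);
    return 0;
}
```

Two caveats a deployment would need beyond what the thread discusses: mlock keeps pages out of swap but not out of a core dump, so a program holding keys this way should also drop RLIMIT_CORE to zero; and the locked pages still count against RLIMIT_MEMLOCK, so the allocation must be checked and must fail closed, as above, rather than fall back to ordinary memory.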