Displaying 1 result from an estimated 1 matches for "overtrust".
Did you mean:
opentrust
2018 Jan 06
3
PEM file opened without DIRECT I/O which makes private key readable by attacker exploiting MELTDOWN
On Sat, Jan 6, 2018 at 5:38 PM, Philipp Marek <philipp at marek.priv.at> wrote:
> I think we are possibly interested in switching to DIRECT IO (given that it
>> bypasses any caching system including page cache) when reading *.PEM file
>>
> Sorry, but this makes no sense.
> The data could just as well be read from the SSH process
> memory space.
>
I think