Hi,
On Monday, 11 of April 2005 12:37, Oliver Neukum wrote:
> Am Sonntag, 10. April 2005 22:14 schrieb Pavel Machek:
> > Hi!
> >
> > > > Oliver Neukum wrote:
> > > > > What is the point in doing so after they've rested on the disk for
> > > > > ages?
> > > >
> > > > The point is not physical access to the disk but data gathering after
> > > > resume or reboot.
> > >
> > > After resume or reboot normal access control mechanisms will work
> > > again. Those who can read a swap partition under normal circumstances
> > > can also read /dev/kmem. It seems to me like you are putting an extra
> > > lock on a window on the third floor while leaving the front door open.
> >
> > Andreas is right, his patches are needed.
> >
> > Currently, if your laptop is stolen after resume, they can still data
> > in swsusp image.
> >
> > Zeroing the swsusp pages helps a lot here, because at least they are
> > not getting swsusp image data without heavy tools. [Or think root
> > compromise month after you used swsusp.]
> >
> > Encrypting swsusp image is of course even better, because you don't
> > have to write large ammounts of zeros to your disks during resume ;-).
>
> Not only is it better, it completely supercedes wiping the image.
> Your laptop being stolen after resume is very much a corner case.
> You suspend your laptop while you are not around, don't you?
Not necessarily. Some people use suspend instead of shutdown. :-)
Greets,
Rafael
--
- Would you tell me, please, which way I ought to go from here?
- That depends a good deal on where you want to get to.
-- Lewis Carroll "Alice's Adventures in Wonderland"
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
