Security Enhanced Linux
What's New
Frequently Asked Questions
Background
Documents
License
Download
Participating
Mail List
Archives
Remaining Work
Contributors
Related Work
Press Releases
Information Assurance Research
NIARL In-house Research Areas
Mathematical Sciences Program
Sabbaticals
Computer & Information Sciences Research
Technology Transfer
Advanced Computing
Advanced Mathematics
Communications & Networking
Information Processing
Microelectronics
Other Technologies
Technology Fact Sheets
Publications
Related Links
|
SELinux Mailing ListNo RAM swapout to disk for "sandbox" run programs
From: james_at_spunkysoftware.com
Date: Tue, 28 Aug 2001 09:34:10 +1000
I have written Linus Torvalds talking about a range of PIDs, or a new field in the task_struct, which would indicate to the mm in the kernel that swapping this process' address space out to disk was forbidden. A program can be launched from a shell that acts as a "sandbox" to run programs that shouldn't be swapped to disk. All tasks forked from this should be regarded as unswappable. This would be useful for encryption programs, since PGP on WinNT at least was already doing it. I'm not sure how GnuPG handles this at the moment. Any thoughts anyone? Also, I am wondering where I can get software that will allow me to look at arbitrary memory ranges, the purpose being to look at "deleted" files on Windows and Linux. Anybody know of any such software? Is there a kernel module that allows this? James Buchanan -- You have received this message because you are subscribed to the selinux list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.Received on Mon 27 Aug 2001 - 19:46:09 EDT |
|
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009 |