SELinux Mailing List

No RAM swapout to disk for "sandbox" run programs

From: james_at_spunkysoftware.com
Date: Tue, 28 Aug 2001 09:34:10 +1000


PGP uses, or did use, a (sloppy?) memory driver which prevented process address space active in RAM from being swapped out to disk.

I have written Linus Torvalds talking about a range of PIDs, or a new field in the task_struct, which would indicate to the mm in the kernel that swapping this process' address space out to disk was forbidden.

A program can be launched from a shell that acts as a "sandbox" to run programs that shouldn't be swapped to disk. All tasks forked from this should be regarded as unswappable. This would be useful for encryption programs, since PGP on WinNT at least was already doing it. I'm not sure how GnuPG handles this at the moment.

Any thoughts anyone?

Also, I am wondering where I can get software that will allow me to look at arbitrary memory ranges, the purpose being to look at "deleted" files on Windows and Linux. Anybody know of any such software? Is there a kernel module that allows this?

James Buchanan

--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
Received on Mon 27 Aug 2001 - 19:46:09 EDT
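An added example, not part of the original post: on Linux a process can pin its own pages with mlock(2), but memory locks are not inherited by a child created with fork(2), which is why a userspace "sandbox" launcher alone does not make its children unswappable. The C program below locks one page, forks, and compares the VmLck value from /proc/self/status in parent and child. The function names `locked_kb` and `lock_survives_fork` are hypothetical, and the buffer contents are a constructed stand-in for key material.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/mman.h>
#include <sys/wait.h>

/* kB of locked memory (VmLck) for the calling process, -1 if unreadable. Linux /proc only. */
static long locked_kb(void) {
    FILE *f = fopen("/proc/self/status", "r");
    char line[256];
    long kb = -1;
    if (!f) return -1;
    while (fgets(line, sizeof line, f))
        if (sscanf(line, "VmLck: %ld kB", &kb) == 1) break;
    fclose(f);
    return kb;
}

/* 0: parent held a lock, forked child held none; 1: child still had locked
   memory; -1: check could not run (mlock refused, e.g. RLIMIT_MEMLOCK, or no /proc). */
int lock_survives_fork(void) {
    long page = sysconf(_SC_PAGESIZE);
    void *mem = NULL;
    int status = 0, result = -1;
    if (page <= 0 || posix_memalign(&mem, (size_t)page, (size_t)page) != 0) return -1;
    memset(mem, 0xA5, (size_t)page);          /* constructed stand-in for key material */
    if (mlock(mem, (size_t)page) != 0) { free(mem); return -1; }
    long parent_kb = locked_kb();
    pid_t pid = fork();
    if (pid == 0) {                           /* child: report its own VmLck via exit code */
        long child_kb = locked_kb();
        _exit(child_kb == 0 ? 0 : child_kb > 0 ? 1 : 2);
    }
    if (pid > 0 && waitpid(pid, &status, 0) == pid && WIFEXITED(status)
        && parent_kb > 0 && WEXITSTATUS(status) < 2)
        result = WEXITSTATUS(status);
    volatile unsigned char *p = mem;          /* wipe before unlocking and freeing */
    for (long i = 0; i < page; i++) p[i] = 0;
    munlock(mem, (size_t)page);
    free(mem);
    return result;
}

int main(void) {
    int r = lock_survives_fork();
    printf("%s\n", r == 0 ? "lock not inherited by child" :
                   r == 1 ? "child still holds locked memory" : "check could not run");
    return 0;
}
```

Locks are also dropped on execve(2), so a program that needs unswappable memory has to call mlock or mlockall itself after it starts.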
 

Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009

 

National Security Agency / Central Security Service