Date: Sat, 11 Jan 2003 03:43:18 -0800 From: David Schultz <dschultz@uclink.Berkeley.EDU> To: Lucky Green <shamrock@cypherpunks.to> Cc: freebsd-current@FreeBSD.ORG Subject: Re: 5.0 without swap Message-ID: <20030111114318.GD3961@HAL9000.homeunix.com> In-Reply-To: <00ba01c2b95a$8d385670$6601a8c0@VAIO650> References: <20030111110819.1be840f1.flynn@energyhq.homeip.net> <00ba01c2b95a$8d385670$6601a8c0@VAIO650>
next in thread | previous in thread | raw e-mail | index | archive | help
Thus spake Lucky Green <shamrock@cypherpunks.to>: > Miguel wrote: > > Having no swap will prevent you from getting crashdumps in > > case of panic which, if you run 5.0, is not that unusual. > > Besides these days harddrives cost $1/GB, so why not setup > > the swap partition anyway? > > I don't want cleartext cryptographic keys to ever touch magnetic media, > thus potentially opening the door to future forensic analysis. You can accomplish that by wiring the pages containing your cryptographic keys, rather than effectively wiring every page in the system by having no swap space. Alternatively, unless you're really paranoid, it's probably sufficient to write over your swap partition with random data before you shut down the system. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030111114318.GD3961>