Fwd: KWallet weaknesses (was: [PATCH] Make pinentry-qt read and store passphrases in KDE 3.2's wallet)

Martin Konold martin.konold at erfrakon.de
Sat Dec 6 13:55:17 GMT 2003


> Parts of the unlocked wallet can be found in the swap partition, unless you
> use encrypted swap (which is unfortunately not very popular yet).

encrypted swap is not really required.

Please check 

	man 2 mlock

       mlock - disable paging for some parts of memory

       #include <sys/mman.h>

       int mlock(const void *addr, size_t len);

       mlock  disables  paging for the memory in the range starting at addr 
with length len bytes. All pages which
       contain a part of the specified memory range are guaranteed be resident 
in RAM when the mlock  system  call
       returns  successfully  and  they  are  guaranteed to stay in RAM until 
the pages are unlocked by munlock or
       munlockall, until the pages are unmapped via munmap, or until the 
process terminates or starts another pro­
       gram with exec.  Child processes do not inherit page locks across a 

       Memory locking has two main applications: real-time algorithms and 
high-security data processing. Real-time
       applications require deterministic timing, and, like scheduling, paging 
is one major  cause  of  unexpected
       program  execution  delays.  Real-time  applications will usually also 
switch to a real-time scheduler with
       sched_setscheduler.  Cryptographic security software often handles 
critical bytes like passwords or  secret
       keys  as  data  structures. As a result of paging, these secrets could 
be transfered onto a persistent swap
       store medium, where they might be accessible to the enemy long after 
the security software has  erased  the
       secrets  in  RAM and terminated.  (But be aware that the suspend mode 
on laptops and some desktop computers
       will save a copy of the system's RAM to disk, regardless of memory 

       Memory locks do not stack, i.e., pages which have been locked several 
times by calls to mlock  or  mlockall
       will be unlocked by a single call to munlock for the corresponding 
range or by munlockall.  Pages which are
       mapped to several locations or by several processes stay locked into 
RAM as long  as  they  are  locked  at
       least at one location or by at least one process.

       On  POSIX  systems  on which mlock and munlock are available, 
_POSIX_MEMLOCK_RANGE is defined in <unistd.h>
       and the value PAGESIZE from <limits.h> indicates the number of bytes 
per page.

-- martin

Dipl.-Phys. Martin Konold
e r f r a k o n
Erlewein, Frank, Konold & Partner - Beratende Ingenieure und Physiker
Nobelstrasse 15, 70569 Stuttgart, Germany
fon: 0711 67400963, fax: 0711 67400959
email: martin.konold at erfrakon.de

More information about the kde-core-devel mailing list