Red Hat Bugzilla – Bug 437170
RFE: wipe swap on exit
Last modified: 2008-03-12 15:25:51 EDT
I am generally really liking the encrypted volume thing. But I see a serious
security hole. Yes it sure looks like getting into these volumes after a
shutdown (and they are closed) looks impossible. But as the processes run they
will be used the swap file (which is not encrypted). So on shutdown some small
pieces of the information on the volumes will be stored there.
How about an option to wipe the swap area by overwriting it on exist.
Basically one off the last steps of shutdown would be to clear this area by
overwriting it, so that confidential data would be be able to be found there.
If you want this, it's probably best to just set up swap as encrypted - that is