Bug 437170 - RFE: wipe swap on exit
RFE: wipe swap on exit
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: cryptsetup-luks (Show other bugs)
rawhide
All Linux
low Severity low
: ---
: ---
Assigned To: Peter Jones
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-03-12 14:40 EDT by Ray Todd Stevens
Modified: 2008-03-12 15:25 EDT (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-03-12 15:25:51 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Ray Todd Stevens 2008-03-12 14:40:09 EDT
I am generally really liking the encrypted volume thing.   But I see a serious
security hole.   Yes it sure looks like getting into these volumes after a
shutdown (and they are closed) looks impossible.   But as the processes run they
will be used the swap file (which is not encrypted).   So on shutdown some small
pieces of the information on the volumes will be stored there.

How about an option to wipe the swap area by overwriting it on exist.  
Basically one off the last steps of shutdown would be to clear this area by
overwriting it, so that confidential data would be be able to be found there.
Comment 1 Bill Nottingham 2008-03-12 15:25:43 EDT
If you want this, it's probably best to just set up swap as encrypted - that is
supported.

Note You need to log in before you can comment on or make changes to this bug.