Bug 437170 - RFE: wipe swap on exit
Summary: RFE: wipe swap on exit
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: cryptsetup-luks
Version: rawhide
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Peter Jones
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2008-03-12 18:40 UTC by Ray Todd Stevens
Modified: 2008-03-12 19:25 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2008-03-12 19:25:51 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Ray Todd Stevens 2008-03-12 18:40:09 UTC
I am generally really liking the encrypted volume thing.   But I see a serious
security hole.   Yes it sure looks like getting into these volumes after a
shutdown (and they are closed) looks impossible.   But as the processes run they
will be used the swap file (which is not encrypted).   So on shutdown some small
pieces of the information on the volumes will be stored there.

How about an option to wipe the swap area by overwriting it on exist.  
Basically one off the last steps of shutdown would be to clear this area by
overwriting it, so that confidential data would be be able to be found there.

Comment 1 Bill Nottingham 2008-03-12 19:25:43 UTC
If you want this, it's probably best to just set up swap as encrypted - that is
supported.


Note You need to log in before you can comment on or make changes to this bug.