Bug 437170 - RFE: wipe swap on exit
Summary: RFE: wipe swap on exit
Alias: None
Product: Fedora
Classification: Fedora
Component: cryptsetup-luks
Version: rawhide
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Peter Jones
QA Contact: Fedora Extras Quality Assurance
Depends On:
Reported: 2008-03-12 18:40 UTC by Ray Todd Stevens
Modified: 2008-03-12 19:25 UTC

Clone Of:
Last Closed: 2008-03-12 19:25:51 UTC

Description Ray Todd Stevens 2008-03-12 18:40:09 UTC
I am generally really liking the encrypted volume thing. But I see a serious
security hole. Yes it sure looks like getting into these volumes after a
shutdown (and they are closed) looks impossible. But as the processes run they
will be using the swap file (which is not encrypted). So on shutdown some small
pieces of the information on the volumes will be stored there.

How about an option to wipe the swap area by overwriting it on exit.
Basically one of the last steps of shutdown would be to clear this area by
overwriting it, so that confidential data would not be able to be found there.

Comment 1 Bill Nottingham 2008-03-12 19:25:43 UTC
If you want this, it's probably best to just set up swap as encrypted - that is
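
A check that goes with the suggestion in Comment 1, as an added example that is not part of the original bug report or of cryptsetup: it lists active swap areas that are not backed by dm-crypt. It assumes cryptsetup's `CRYPT-` device-mapper UUID prefix; the function names, the `SYSROOT` variable and the `unencrypted`/`review` labels are hypothetical.

```bash
#!/bin/bash
# Added example: report active swap areas that are not backed by dm-crypt.
# SYSROOT is a hypothetical knob so the check can run against a test tree.

# Return 0 if block device $1 (e.g. dm-1) is a dm-crypt mapping, or sits
# entirely on top of dm-crypt mappings (e.g. an LVM volume on LUKS).
is_encrypted() {
    local name=$1 root=${SYSROOT:-} uuid="" slave found=1
    local sys="$root/sys/block/$name"
    if [ -r "$sys/dm/uuid" ]; then
        read -r uuid < "$sys/dm/uuid" || true
        case $uuid in CRYPT-*) return 0 ;; esac
    fi
    # Walk the devices this mapping is stacked on; all must be encrypted.
    for slave in "$sys"/slaves/*; do
        [ -e "$slave" ] || continue
        is_encrypted "${slave##*/}" || return 1
        found=0
    done
    return $found
}

# Read a /proc/swaps-format file (default: /proc/swaps) and print
#   unencrypted <path>   for swap devices with no dm-crypt layer
#   review <path>        for swap files (depends on the filesystem below)
unencrypted_swaps() {
    local swaps=${1:-/proc/swaps} path type rest dev
    while read -r path type rest; do
        [ "$path" = Filename ] && continue      # header line
        if [ "$type" = file ]; then
            echo "review $path"
            continue
        fi
        dev=$(readlink -f "$path" 2>/dev/null || echo "$path")
        is_encrypted "${dev##*/}" || echo "unencrypted $path"
    done < "$swaps"
}

# Run the check only when asked, e.g.: ./swapcheck.sh --check
if [ "${1:-}" = "--check" ]; then
    unencrypted_swaps "${2:-/proc/swaps}"
fi
```

Empty output means every active swap device has a dm-crypt layer beneath it; a `review` line means the swap file is only as protected as the filesystem that holds it.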
