Re: Forcing data into RAM memory only?
- From: "Sam Hobbs" <samuel@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sat, 20 May 2006 11:05:20 -0700
Programmers often ask for help with a solution to a problem instead of
asking for help with the (fundamental) problem.
Here, the solution is to fix pages to prevent them from being swapped to the
page file. The real problem is to protect sensitive data, especially the
password.
If you want help with the fundamental problem, then the problem becomes a
security issue that will get a better answer in the security newsgroup. I am
nearly certain that security specialists will say that the solution of
locking memory is a bad one, but I am not a security specialist. If you ask
in security newsgroup how to develop a tool for better privacy online and
offline then the solution, or one of the most suggested solutions, will be
to use a methodology that uses a hash such that you don't load the password
into memory at all when validating it. That is how Windows (2000 and above
or something like that) and SQL Server authentication work.
"hexa" <hexa@xxxxxxxx> wrote in message
news:1145686132.119320.207770@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hello,
I'm currently developing an open source tool for better privacy online
and offline; it would be very important, however, to prevent disk
swapping for this application, so that no sensible data gets written
to disk unless the program wants to write it.
I was wondering if it is possible to use APIs (or something else) to
force Windows to stop any disk swapping activity for this particular
application (using only available RAM memory, no virtual memory.)
Any suggestions on how i could accomplish this task?
Is it possible to do this using VirtualAlloc's MEM_PHYSICAL?
Thanks in advance,
Z.M.
.
- Prev by Date: Re: Printing drivers & architecture
- Next by Date: Automatic logoff
- Previous by thread: Re: RegQueryValueEx problem?
- Next by thread: Automatic logoff
- Index(es):
Relevant Pages
|
