On Sat, Jun 27, 2026 at 08:19:11PM +0000, Listeria monocytogenes wrote: > Hi, > > I think it would make sense to mlock the variables dealing with the > user's input in readpw(), to ensure secrets are not written to disk > (sans hibernating). > > That may include buf[32], passwd[256], ksym and ev. In which case the > easiest way to do it would be to put them all in a struct and call: > > mlock(&secrets, sizeof(secrets)) /* in linux */ > > Apparently according to POSIX mlock(2) may fail if addr is not a > multiple of PAGESIZE, so that would need to be handled as well: > > addr = (char *)((uintptr_t)&secrets & -sysconf(_SC_PAGESIZE)); > len = (char *)(&secrets + 1) - addr; > mlock(addr, len); > > -- > Listeria >
Hi, Maybe this could be done at another level? By encrypting swap (done on OpenBSD by default) or configure hibernation securily on your system. This affects other (possibly more sensitive applications) as well. Hope this helps, -- Kind regards, Hiltjo
