using secure memory from a script
What's the simplest/easiest way to use secure memory (i.e., memory that won't be written to a swap partition) from within a program (written in Ruby in this case) on FreeBSD? -- Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ] pgphqNJQhPZ33.pgp Description: PGP signature
Re: using secure memory from a script
On Feb 19, 2010, at 3:59 PM, Chad Perrin wrote: What's the simplest/easiest way to use secure memory (i.e., memory that won't be written to a swap partition) from within a program (written in Ruby in this case) on FreeBSD? Well, Ruby supports calling C functions, so you can invoke mlock() that way: http://onlamp.com/pub/a/onlamp/2004/11/18/extending_ruby.html ...but you also have to do so as root. It might be more sane to setup encrypted swapping: http://www.freebsd.org/doc/handbook/swap-encrypting.html Regards, -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: using secure memory from a script
On Thu, Feb 25, 2010 at 04:22:29PM -0800, Chuck Swiger wrote: Well, Ruby supports calling C functions, so you can invoke mlock() that way: http://onlamp.com/pub/a/onlamp/2004/11/18/extending_ruby.html ...but you also have to do so as root. It might be more sane to setup encrypted swapping: http://www.freebsd.org/doc/handbook/swap-encrypting.html Thanks for pointing out a couple of options. I'll look into them. I've also discovered that there appears to be a way to lock memory natively in Ruby, though, I haven't checked into that in too much depth yet. I will weigh my options carefully. -- Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ] pgp0YEhAU9BhN.pgp Description: PGP signature