password safes for mac
Bill Frantz
frantz at pwpconsult.com
Sun Jun 28 16:02:03 EDT 2009
perry at piermont.com (Perry E. Metzger) on Sunday, June 28, 2009 wrote:
>It has problems. Among other things, it only mlocks your session key
>itself into memory, leaving both the AES key schedule (oops!) and the
>decrypted data (oops!) pageable into swap. (Why bother mlocking the text
>of the key if you're not going to lock the key schedule?)
You should probably use the encrypted swap feature on the Mac.
System Preferences -> Security -> Use secure virtual memory.
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz | gets() remains as a monument | Periwinkle
(408)356-8506 | to C's continuing support of | 16345 Englewood Ave
www.pwpconsult.com | buffer overruns. | Los Gatos, CA 95032
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list