Bugtraq mailing list archives
win32/memory locking (Re: Reply to EFS note on Bugtraq)
From: Peter W <peterw () USA NET>
Date: Tue, 23 Jan 2001 15:09:01 -0500
On Mon, Jan 22, 2001 at 05:28:50PM -0800, Ryan Russell wrote:
Due to some mail trouble, I'm manually forwarding this note.
From: Microsoft Security Response Center
Subject: Re: BugTraq: EFS Win 2000 flaw
"... it is recommended that it is always better to start by creating an empty encrypted folder and creating files directly in that folder. Doing so, ensures that plaintext bits of that file never get saved anywhere on the disk. It also has a better performance as EFS does not need to create a backup and then delete the backup, etc."
Bits _never_ get written to the disk? Guaranteed never to use swap space?

The GnuPG FAQ (http://www.gnupg.org/faq.html#q6.1) suggests that it is not possible to make a Windows program insist on physical RAM the way a program can in Open Systems. Does EFS really use only physical RAM? If so, is there some win32 API that can be used by other application designers who want to guarantee that certain blocks of allocated memory are *never* swapped out to disk?

The most likely candidate I've come across is VirtualLock() which, unfortunately, "does not mean that the page will not be paged to disk" (http://msdn.microsoft.com/library/techart/msdn_virtmm.htm).

Thanks,

-Peter