reesesWeb

From macosxhints

Research has shown that swap files can contain passwords from File Vault, login and Key Chain - nullifying the protection they provide.

Let's take a look...

(09:06) reeses@Miette:vm$ pwd
/private/var/vm
(09:06) reeses@Miette:vm$ ls -l
total 524288
-rw------T  1 root  wheel   67108864  9 Aug 15:24 swapfile0
-rw------T  1 root  wheel   67108864 10 Aug 15:04 swapfile1
-rw------T  1 root  wheel  134217728 13 Aug 08:57 swapfile2
(09:06) reeses@Miette:vm$

So, one would need to have root access to access the data contained within the swapfile? Quel surprise.

So, if you had your swapfile turned off, and I had root access to your machine, I could ktrace your File Vault, Key Chain, etc., and, umm, pwn you?

Children, children, there's no reason to turn off swap on a general-purpose computer.

(OK, I was just looking for someone to say something stupid so I'd have an opportunity to post that picture.)

Bookmark/Search this post with:

delicious | digg | reddit | technorati