...
| Code Block | ||
|---|---|---|
| ||
#include <sys/resource.h>
/* ... */
struct rlimit limit;
limit.rlim_cur = 0;
limit.rlim_max = 0;
if (setrlimit(RLIMIT_CORE, &limit) != 0) {
/* Handle Error */
}
/* Create or otherwise obtain some sensitive data */
fgets(secret, sizeof(secret), stdin);
|
Compliant Solution (privileged process on
...
UNIX)
Additionally, processes with elevated privileges can disable paging by "locking" memory in place using either mlock() (POSIX) or VirtualLock() (Windows). This ensures that memory is never copied to the hard drive, where it may be retained indefinitely in non-volatile storage.
...