On Fri, Nov 16, 2012 at 04:40:47PM +0530, Aravinda Prasad wrote: [..] > > Ok, are these the only places where key is. Can a copy of it exist in > > some other buffers? We don't clear these. > > > I don't think a copy exist in other places I am wondering how does ssh work. User's private key is stored in .ssh/ and when authentication with server is happening then we must be signing something with that private key and most likely it will be in some buffer somewhere (user space buffer). > > > > > Also, if key is the only issue, why not just write this logic in > > makedumpfile and provide another option, --clear-kernel-keys. > > > > Why to introduce such generic scheme. > > > key is not the only issue, it was just an example. There could be other > things as well (data in socket buffers, device driver buffers, etc) > which customers may consider sensitive/private and are interested in > scrubbing. > > Also this is an extension to the already existing generic solution > implemented in makedumpfile, where rules can be specified using --config > option. This extension is built on the existing infrastructure and > provides a more flexible and powerful way to specify the data to be > scrubbed. For eg, scrubbing the keyring data mentioned in one of my > previous mails would not be possible with --config option. I am not against building infrastructure to scrub vmcore. I am only concerned about size bloat of makedumpfile. Thanks Vivek
