Browse thread
[Caml-list] How to secure an OCaml server
[
Home
]
[ Index:
by date
|
by threads
]
[ Message by date: previous | next ] [ Message in thread: previous | next ] [ Thread: previous | next ]
[ Message by date: previous | next ] [ Message in thread: previous | next ] [ Thread: previous | next ]
| Date: | -- (:) |
| From: | Thomas Fischbacher <Thomas.Fischbacher@P...> |
| Subject: | Re: [Caml-list] How to secure an OCaml server |
On Sun, 29 Feb 2004, Yamagata Yoriyuki wrote: > From: Yutaka OIWA <oiwa@yl.is.s.u-tokyo.ac.jp> > Subject: Re: [Caml-list] How to secure an OCaml server > Date: Sun, 29 Feb 2004 01:44:10 +0900 > > > The garbage collection helps this style of programming, since with > > GC you can use those high-level data structures without fearing > > about memory leakage or dangling pointers. > > On the other hand, relaying GC means data reside in the memory for > unpredictable amount of time, and may swap out to the disk. In case we are talking about linux, may I recommend using cryptoapi to encrypt the swapspace (you can do a losetup -e blowfish /dev/loop7 swapfile; mkswap /dev/loop7; swapon /dev/loop7 at every boot - getting losetup to use a random string may perhaps need a bit of patching...)? What is swap good for nowadays that machines have RAM close to the 4 GB boundary anyway? I suppose it is mostly used just to slow the machine down enough so that root can react and kill processes by hand if some task goes haywire. Hence, encrypting swap will even help to slightly improve this. ;-> -- regards, tf@cip.physik.uni-muenchen.de (o_ Thomas Fischbacher - http://www.cip.physik.uni-muenchen.de/~tf //\ (lambda (n) ((lambda (p q r) (p p q r)) (lambda (g x y) V_/_ (if (= x 0) y (g g (- x 1) (* x y)))) n 1)) (Debian GNU) ------------------- To unsubscribe, mail caml-list-request@inria.fr Archives: http://caml.inria.fr Bug reports: http://caml.inria.fr/bin/caml-bugs FAQ: http://caml.inria.fr/FAQ/ Beginner's list: http://groups.yahoo.com/group/ocaml_beginners