Trei, Peter (ptrei@securitydynamics.com)
Fri, 14 Aug 1998 13:59:50 -0400
Throwing another stitch on the "sensitive data can
wind up in the swap file" thread...
Under WinNT, there is a registry key which appears
to cause the swapfile to be cleared on
shutdown. It's at:
HKEY_LOCAL_MACHINE
\System
\CurrentControlSet
\Control
\Session Manager
\Memory Management
\ClearPageFileAtShutdown
it's a DWORD, with a default value of 0. Set to 1,
it ostensibly causes the all inactive pages to be
overwritten with zeros at shutdown time (there are
a few pages which are not overwritten, as they in
use during the shutdown).
Has anyone checked to see if this functions as
advertized? On my 200 MHz PPro, with a 47 Mb
swapfile and 128 Mb of RAM, shutdown time
increased by only 10 seconds after enabling this
(I had loaded the system up to the point where it
was complaining about running low on swap space,
then stopped all of the apps, before shutting
down).
Clearly, this is not a full solution to the
problem (it only works in a normal shutdown, not a
crash or unplugging), but it should be a big help.
No similar key seems to exist under Win95 or Win98.
Peter Trei
ptrei@securitydynamics.com
The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:10:58