Swap or no swap?
- Thor
- htd0rg lieutenant
- Posts:440
- Joined:Tue Dec 18, 2007 9:39 am
- Location:Location Location [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
I was reading some things the other day that suggested that it may be better to go with no swap on some linux machines. This way you don't need to worry about what it's collecting and things like that. We can encrypt swap, but it might impact performance. I was thinking about setting up a nix box with 512mb RAM with no swap to see if I even noticed it gone. Any thoughts on this?
Quidquid latine dictum sit, altum sonatur.
- Whatever is said in Latin sounds profound.
Omnis Vestri Substructio Es Servus Ad Nobis.
- All Your Base Are Belong To Us
- Whatever is said in Latin sounds profound.
Omnis Vestri Substructio Es Servus Ad Nobis.
- All Your Base Are Belong To Us
- stasik
- Guru
- Posts:525
- Joined:Thu Oct 12, 2006 8:38 am
- Location:dublin [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
Re: Swap or no swap?
if i am not mistaken, swap for linux is like pagefiles for windows. if u r out of ram, or hibernate/stand by, then its nice to have a swap partition. i never heard of any disadvantages of swap partition (except security in ur case maybe). 512 may be enough, but maybe not, depending on how many simultaneous applications are gonna be running, or if u r gonna do any big/long computations. i would say u need swap partition for less then 2 gb of ram
-
- Hacker in Training
- Posts:53
- Joined:Wed Aug 26, 2009 8:33 am [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
Re: Swap or no swap?
The only disadvantage with swap I have read about is if you use a SSD but even there the opinion is divided.
You can also tweak the way Linux swaps.This site has some common information about the subject:
http://www.linux.com/news/software/appl ... swap-space
You can also tweak the way Linux swaps.This site has some common information about the subject:
http://www.linux.com/news/software/appl ... swap-space
-
- Sargeant at Arms
- Posts:191
- Joined:Tue Feb 17, 2009 5:27 am [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
Re: Swap or no swap?
if it's security you're concerned about, would it be possible to add a feature to the shutdown routine which would quickly shred the swap space? that way, any performance impact would only affect the time it takes to shut down, and you're done using it then anyway.
bear in mind that I know nothing about linux, so I don't know how hard this would be to implement.
bear in mind that I know nothing about linux, so I don't know how hard this would be to implement.
-
- Apprentice
- Posts:36
- Joined:Thu Sep 17, 2009 7:41 pm
- Location:Athens, GR [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
Re: Swap or no swap?
When you run out of memory, you're going to suffer.Thor wrote:I was reading some things the other day that suggested that it may be better to go with no swap on some linux machines. This way you don't need to worry about what it's collecting and things like that. We can encrypt swap, but it might impact performance. I was thinking about setting up a nix box with 512mb RAM with no swap to see if I even noticed it gone. Any thoughts on this?
Why would you worry about what's in the swap, though? Based on your thought to encrypt the swap file/partition, I'm assuming security concerns. What's your threat model - someone stealing your drive?
- stasik
- Guru
- Posts:525
- Joined:Thu Oct 12, 2006 8:38 am
- Location:dublin [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
Re: Swap or no swap?
maybe TrueCrypt could be used to encrypt ur swap partition, and decrypt it on boot. never used truecrypt on linux, so no idea how it could be implemented. but even if u r concern about security, the info saved on swap partition is Process Pointers of the addresses, which means nothing without the actual memory (which is ur linux partition, encrypted one). no photo/docs/audio/video/etc will ever be saved/moved to the swap partition (i think so)...
-
- Apprentice
- Posts:36
- Joined:Thu Sep 17, 2009 7:41 pm
- Location:Athens, GR [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
Re: Swap or no swap?
Sure they will. That's the whole point of swap space. Maybe you're thinking of TLBs?stasik wrote:no photo/docs/audio/video/etc will ever be saved/moved to the swap partition (i think so)...
- foldingstock
- htd0rg lieutenant
- Posts:300
- Joined:Sat Aug 16, 2008 10:38 pm [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
Re: Swap or no swap?
dm_crypt would be easier to setup. TrueCrypt would work, but if you ever upgraded your kernel it would have to be reinstalled before encrypted volumes could be mounted.stasik wrote:maybe TrueCrypt could be used to encrypt ur swap partition, and decrypt it on boot. never used truecrypt on linux, so no idea how it could be implemented. but even if u r concern about security, the info saved on swap partition is Process Pointers of the addresses, which means nothing without the actual memory (which is ur linux partition, encrypted one). no photo/docs/audio/video/etc will ever be saved/moved to the swap partition (i think so)...
"If a man empties his purse into his head, no one can take it from him."
- Benjamin Franklin
- Benjamin Franklin
-
- Hacker in Training
- Posts:91
- Joined:Mon Feb 28, 2005 8:27 pm [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
Re: Swap or no swap?
Alternatively,
If you need swap, you could use a swap file instead of a partition, which lives in your system along with system files and such, and would essentially be encrypted when you encrypt the drive.
NOVA
If you need swap, you could use a swap file instead of a partition, which lives in your system along with system files and such, and would essentially be encrypted when you encrypt the drive.
NOVA
Sometimes insanity is the only sanity left
- Thor
- htd0rg lieutenant
- Posts:440
- Joined:Tue Dec 18, 2007 9:39 am
- Location:Location Location [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
Re: Swap or no swap?
I use Truecrypt for making encrypted containers in my system now, but I think I would only use it just for that. I'm not even 100% sure how I would use Truecrypt to do a swap partition, it would be weird I think. I believe the suggestion about using dm-crypt would be better for that. As far as what I want to do with the swap, I think I will keep a swap, but encrypt it. My 512mb ram is just to low IMO for things to really operate smoothly. Plus, I tend to load systems up with a bunch of different things which takes away from their bare bones value.
I am under the impression that more than just address pointers are being passed through swap. In fact I thought that any data that would be found in any memory normally, can also be found in swap. With this logic, it seems that passwords unencrypted and any other text, image or data file can be found there. It could be possible to scrape this data before power down. (I believe so). Please correct or elaborate if I am wrong or half true here.
EDIT: One thing I haven't really considered is the use of a Linux swap file. I haven't really heard of anyone doing this. What directory would you put that in? /tmp I guess?
I am under the impression that more than just address pointers are being passed through swap. In fact I thought that any data that would be found in any memory normally, can also be found in swap. With this logic, it seems that passwords unencrypted and any other text, image or data file can be found there. It could be possible to scrape this data before power down. (I believe so). Please correct or elaborate if I am wrong or half true here.
EDIT: One thing I haven't really considered is the use of a Linux swap file. I haven't really heard of anyone doing this. What directory would you put that in? /tmp I guess?
Quidquid latine dictum sit, altum sonatur.
- Whatever is said in Latin sounds profound.
Omnis Vestri Substructio Es Servus Ad Nobis.
- All Your Base Are Belong To Us
- Whatever is said in Latin sounds profound.
Omnis Vestri Substructio Es Servus Ad Nobis.
- All Your Base Are Belong To Us
-
- Hacker in Training
- Posts:91
- Joined:Mon Feb 28, 2005 8:27 pm [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
Re: Swap or no swap?
I've seen it be used in the root drive, I guess temp is as good a place as any, or even create a dedicated subdir for it. Never had to use it myself, I obviously aint that worried about laptop theft....
NOVA
NOVA
Sometimes insanity is the only sanity left
-
- Hacker in Training
- Posts:81
- Joined:Wed Jan 21, 2009 2:13 pm [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
Re: Swap or no swap?
since you guys were on the subject of an encrypted swap partition i though that i might throw this out there. there is a guy on another forum that i visit who is developing his own linux distro. one of the planned features of the distro is an encrypted swap partition. since he is planning on using it, i am sure he could probably enlighten you on how it would work if you got into contact with him. here is the link to the thread.
http://www.undergroundsystems.org/forum ... #post67967
http://www.undergroundsystems.org/forum ... #post67967