in reply to Is data in RAM insecure, or am I just paranoid?

Modern operating systems keep processes from accessing the memory of other processes. This makes data in RAM secure for most purposes. The problems are:

1. The operating system still has access to RAM. This means the administrator has access to RAM. You need to trust the owner and administrator of the machine.

2. A user has access to the RAM of all of their processes. This is definitely true of a shared hosting environment. It likely has one web server. Your scripts are probably being run as separate processes as the same user, or in the same process (this is especially true of IIS).

3. Operating systems will swap memory out to disk. The secure data can be read later from disk. C programs can control whether RAM can be swapped or not, but Perl does not have that control. The solution is to keep secure strings in memory for as short a time as possible. One trick is to overwrite the strings when you are done with them.

I would be most concerned about the shared hosting environment. I wouldn't be concerned about the data in RAM. A skillful attacker on the same machine could potentially read it, but they have easier ways to steal credit cards. The biggest risk is unencrypted numbers in a database, and you have already taken care of that. I would be more concerned about the security of the private key. The key must be accessible to the web server, which means it is probably accessible to others on the web server.
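Point 3 above, shown in C as an added example (not code from the post or from any monk here): pin the buffer so the kernel will not swap it, and wipe it through a volatile pointer so the compiler cannot optimise the overwrite away. It assumes a Linux/POSIX system with mlock(2); the card number is a constructed sample.

```c
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>

/* Overwrite that the optimizer cannot drop: every store goes through
 * a volatile pointer, so a plain memset-before-free is not elided. */
void secure_wipe(void *buf, size_t len) {
    volatile unsigned char *p = buf;
    while (len--) *p++ = 0;
}

/* Returns 1 if every byte of buf is zero (constant-time OR-accumulate). */
int is_wiped(const unsigned char *buf, size_t len) {
    unsigned char acc = 0;
    for (size_t i = 0; i < len; i++) acc |= buf[i];
    return acc == 0;
}

/* Pin a buffer in RAM so it is never written to swap. Returns 0 on
 * success, -1 with errno set if refused (e.g. RLIMIT_MEMLOCK too low). */
int pin_in_ram(void *buf, size_t len) {
    return mlock(buf, len);
}

/* Hold a secret only as long as needed: lock, use, wipe, unlock.
 * Returns 1 if the buffer was fully zeroed afterwards. */
int handle_secret(void) {
    unsigned char secret[32];
    int locked = pin_in_ram(secret, sizeof secret) == 0;
    if (!locked) perror("mlock failed, continuing without swap protection");

    strcpy((char *)secret, "4111111111111111");   /* constructed sample PAN */
    /* ... encrypt with the site owner's public key, etc. ... */

    secure_wipe(secret, sizeof secret);           /* scrub before the frame dies */
    int wiped = is_wiped(secret, sizeof secret);
    if (locked) munlock(secret, sizeof secret);
    return wiped;
}
```

Perl has no mlock equivalent in core, so the wipe-when-done half is the part that carries over; the swap half needs the hosting environment to cooperate.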


Re^2: Is data in RAM insecure, or am I just paranoid?
by theAcolyte (Pilgrim) on Jul 16, 2004 at 19:48 UTC
    I would be more concerned about the security of the private key. The key must be accessible to the web server, which means it is probably accessible to others on the web server.

    Thanks for your comments but on this comment above, I think I am covered. The private key is *never* available to the webserver. Only the public key. The private key resides on the computer of the owner of the site, in his office, within a desktop application I've set up for them. The info is downloaded encrypted from the database, and then decrypted on his desktop for him to view.

    From all the various comments I am gathering that the best solution is a non-shared hosting environment, or at least one that is more controlled. I'd feel much better about setting him up on a *nix system but I've not a choice in the matter.

    Thanks again for everyone's insights.