dcsimg
Results 1 to 6 of 6

Thread: How do I keep VirtualAlloc from writing to paging file?

  1. #1

    Thread Starter
    Fanatic Member
    Join Date
    Oct 2008
    Posts
    994

    How do I keep VirtualAlloc from writing to paging file?

    I want to allocate memory with the VirtualAlloc, but I want to designate it as memory that is not to use the paging file for backup (if it runs out of memory, the data is just lost). For security, it's important to not write certain things to the harddrive (which can never be 100% wiped), but rather keep them only in memory. For example, you wouldn't want a password that was stored in memory to be dumped to the harddrive, just because you had a lot of programs running on your PC, and the result was that you ran out of memory. You'd rather your program simply malfunctioned or crashed when it ran out of memory, and then tried to write something else to memory.

    I was looking at the memory protection constant PAGE_NOCACHE for this, but I'm not sure that "don't cache" means the same thing as "don't write to the windows paging file, even if you run out of memory". Is a memory cache the same thing as a paging file?

  2. #2
    PowerPoster
    Join Date
    Jun 2015
    Posts
    2,224

    Re: How do I keep VirtualAlloc from writing to paging file?


  3. #3

    Thread Starter
    Fanatic Member
    Join Date
    Oct 2008
    Posts
    994

    Re: How do I keep VirtualAlloc from writing to paging file?

    I'm not talking about locking it so it can't fail. I'm talking about allowing it to possibly fail, but just, no matter what, NEVER write to the harddrive. Does PAGE_NOCACHE prevent it from writing to the harddrive, even if it runs out of memory?

  4. #4
    PowerPoster
    Join Date
    Jun 2015
    Posts
    2,224

    Re: How do I keep VirtualAlloc from writing to paging file?

    VirtualLock is the standard practice used in the context you've presented - although this is a good read.

  5. #5
    PowerPoster
    Join Date
    Feb 2006
    Posts
    20,922

    Re: How do I keep VirtualAlloc from writing to paging file?

    Yep, and as mentioned there best practice is to use CryptProtectData/CryptUnprotectData anyway.

  6. #6
    PowerPoster
    Join Date
    Jun 2015
    Posts
    2,224

    Re: How do I keep VirtualAlloc from writing to paging file?

    Quote Originally Posted by dilettante View Post
    Yep, and as mentioned there best practice is to use CryptProtectData/CryptUnprotectData anyway.
    Quote Originally Posted by Raymond Chen
    Follow-up: I’ve been informed by the memory manager folks that the working set interpretation was overly conservative and that in practice, the memory that has been virtually locked won’t be written to the pagefile. Of course, the other concerns still apply, so you still have to worry about the hibernation file and another process sucking the data out via ReadProcessMemory
    basically the original premise of Raymond's post (against a standard practice) was innacurate... but in the greater context of protecting memory - you are better off using CryptProtectData/CryptUnprotectData

    so the best answer would be as dill/chen recommend. (FYI the .NET SecureString class uses the deprecated RtlEncryptMemory/RtlDecryptMemory) And those API's would be the first a hacker would hook.

    Security in general is a fascinating topic.
    Last edited by DEXWERX; May 26th, 2016 at 08:28 AM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Featured


Click Here to Expand Forum to Full Width