"Use secure virtual memory" doesn't encrypt swapfile
System: Fresh install 10.5 with full patches to 10.5.1 G4 iMac.
No matter what I did with the "Use secure virtual memory" option in System Preferences, the -E switch did not get passed to dynamic_pager.
Setting ENCRYPTSWAP=-YES- in /etc/hostconfig also had no effect.
So I forced it in /System/Library/LaunchDaemons/com.apple.dynamic_pager.plist and verified that the -E switch is being passed to the dynamic_pager on startup. Guess what? The swapfile still appears to be in-the-clear.
So I thought the contents of /var/vm/swapfile0 might be left over from a previous boot so I booted into single-user and ran +rm -P /var/vm/swapfile0+ then booted normally. Still appears to be in-the-clear:
root# strings /var/vm/swapfile0 | grep -i password
2/Applications/Utilities/Open Firmware Password.app
*/Applications/Utilities/Reset Password.app
com.apple.openfirmwarepassword[
com.apple.OpenFirmwarePassword
Open Firmware Password
open firmware password.app
Contents/MacOS/Open Firmware Password
com.apple.resetpassword
com.apple.ResetPassword
Reset Password
reset password.app
Contents/Resources/PasswordReset.icns
Contents/MacOS/Reset Password
root# ps -ax | grep dynamic_pager
72 ?? 0:00.01 /sbin/dynamic_pager -E -F /private/var/vm/swapfile
The technical term for this is "BAD."
*Is encrypted swap a feature of Leopard or not?*
I've seen discussions that this also applies to Leopard Server. I haven't looked at Tiger client or server yet.
No matter what I did with the "Use secure virtual memory" option in System Preferences, the -E switch did not get passed to dynamic_pager.
Setting ENCRYPTSWAP=-YES- in /etc/hostconfig also had no effect.
So I forced it in /System/Library/LaunchDaemons/com.apple.dynamic_pager.plist and verified that the -E switch is being passed to the dynamic_pager on startup. Guess what? The swapfile still appears to be in-the-clear.
So I thought the contents of /var/vm/swapfile0 might be left over from a previous boot so I booted into single-user and ran +rm -P /var/vm/swapfile0+ then booted normally. Still appears to be in-the-clear:
root# strings /var/vm/swapfile0 | grep -i password
2/Applications/Utilities/Open Firmware Password.app
*/Applications/Utilities/Reset Password.app
com.apple.openfirmwarepassword[
com.apple.OpenFirmwarePassword
Open Firmware Password
open firmware password.app
Contents/MacOS/Open Firmware Password
com.apple.resetpassword
com.apple.ResetPassword
Reset Password
reset password.app
Contents/Resources/PasswordReset.icns
Contents/MacOS/Reset Password
root# ps -ax | grep dynamic_pager
72 ?? 0:00.01 /sbin/dynamic_pager -E -F /private/var/vm/swapfile
The technical term for this is "BAD."
*Is encrypted swap a feature of Leopard or not?*
I've seen discussions that this also applies to Leopard Server. I haven't looked at Tiger client or server yet.
2.16GHz 20" Core2Duo iMac, 17" G4 iMac upg to 1GB 160GB, Mac OS X (10.5.1)
