Received: from biscayne-one-station.mit.edu (BISCAYNE-ONE-STATION.MIT.EDU [18.7.7.80]) by krbdev.mit.edu (8.9.3p2) with ESMTP id NAA04014; Mon, 2 May 2005 13:31:07 -0400 (EDT) Received: from outgoing.mit.edu (OUTGOING-AUTH.MIT.EDU [18.7.22.103]) by biscayne-one-station.mit.edu (8.12.4/8.9.2) with ESMTP id j42HV5QM009767; Mon, 2 May 2005 13:31:05 -0400 (EDT) Received: from [18.18.1.76] (KEN-WIRELESS.MIT.EDU [18.18.1.76]) (authenticated bits=0) (User authenticated as raeburn@ATHENA.MIT.EDU) by outgoing.mit.edu (8.12.4/8.12.4) with ESMTP id j42HUwwT003580 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT); Mon, 2 May 2005 13:30:58 -0400 (EDT) In-Reply-To: References: MIME-Version: 1.0 (Apple Message framework v622) Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: <36bed9adc21395cadbd0dbc1e83aa976@mit.edu> Content-Transfer-Encoding: 7bit From: Ken Raeburn Subject: Re: [krbdev.mit.edu #3036] Feature Request 2a for 1.5 (or whatever) Date: Mon, 2 May 2005 13:30:53 -0400 To: rt@krbdev.mit.edu X-Mailer: Apple Mail (2.622) X-Spam-Score: -4.9 X-Spam-Flag: NO X-Scanned-BY: MIMEDefang 2.42 RT-Send-Cc: X-RT-Original-Encoding: us-ascii Content-Length: 846 On May 2, 2005, at 12:34, "Henry B. Hotz" via RT wrote: > Credential cache storage that goes away if you shut the machine down > (or crash it). Kind of like, oh, having the administrator put /tmp into a memory-based file system? I'd like to see us add a config-file option to specify the default directory for credentials, so that a small memory file system could be used for credentials without requiring that /tmp be that file system. But not revealing the data after a crash could be tricky on some systems, unless you do something like encrypting the file system in a key stored in some magic place in the kernel that is guaranteed to be wiped before the OS writes out a crash dump. Aside from making some recommendations about file system setups, you're basically asking us to invent OS-level functionality across platforms....