summary: Discard sensitive material in Pageant on hibernation
class: wish: This is a request for an enhancement.
difficulty: fun: Just needs tuits, and not many of them.
priority: low: We aren't sure whether to fix this or not.
It's been suggested that Pageant (and anything else storing private
key material long-term) should forget (wipe) all its unencrypted keys
when a system hibernates, to avoid them being stored to disk; it
should at least reload the keys and ask for passphrases again after a
hibernation.
Apparently the Windows messages PBT_APMQUERYSUSPEND and PBT_APMSUSPEND
would be useful here.
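The following is an added example, not Pageant's own code, of the shape such a handler would take. Both messages named above arrive as the wParam of a WM_POWERBROADCAST window message, so an agent's window procedure can route that message to a routine that overwrites every decrypted key and flags that passphrases must be asked for again on resume (PBT_APMRESUMESUSPEND). The key store, the agent_* function names and the 32-byte fixed key size are assumptions made for the illustration; the message and event constants are the real values from winuser.h, defined locally so the logic also builds and runs outside Windows. Wiping is done with a volatile write loop rather than memset because a plain memset of memory that is never read again may be optimised out (SecureZeroMemory exists on Windows for the same reason). Note that PBT_APMQUERYSUSPEND is no longer delivered on Windows Vista and later; there only PBT_APMSUSPEND arrives, with very little time before the system sleeps, so the wipe must be cheap and must not wait on user interaction.

```c
/* Added example (not Pageant code): an agent-style key store that wipes
 * its unencrypted key material when Windows announces a suspend/hibernate.
 * Assumed names: struct agent, agent_* functions, 32-byte keys, 8 slots. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <stdio.h>

#ifdef _WIN32
#include <windows.h>
#else
/* Real values from <winuser.h>, defined here so the example builds anywhere. */
#define WM_POWERBROADCAST    0x0218
#define PBT_APMQUERYSUSPEND  0x0000
#define PBT_APMSUSPEND       0x0004
#define PBT_APMRESUMESUSPEND 0x0007
typedef uintptr_t WPARAM;
#endif

#define MAX_KEYS  8
#define KEY_BYTES 32

struct agent_key {
    unsigned char secret[KEY_BYTES]; /* decrypted private key material */
    int loaded;                       /* 1 while 'secret' is valid */
};

struct agent {
    struct agent_key keys[MAX_KEYS];
    int need_reload; /* set after a suspend: ask for passphrases again */
};

/* Overwrite memory through a volatile pointer so the compiler cannot drop
 * the stores as "dead" (the role SecureZeroMemory plays on Windows). */
static void secure_wipe(void *p, size_t n)
{
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (n--) *v++ = 0;
}

/* Store a decrypted key; returns the slot index or -1 if the store is full. */
int agent_add_key(struct agent *a, const unsigned char *secret)
{
    for (int i = 0; i < MAX_KEYS; i++) {
        if (!a->keys[i].loaded) {
            memcpy(a->keys[i].secret, secret, KEY_BYTES);
            a->keys[i].loaded = 1;
            return i;
        }
    }
    return -1;
}

int agent_key_count(const struct agent *a)
{
    int n = 0;
    for (int i = 0; i < MAX_KEYS; i++) n += a->keys[i].loaded;
    return n;
}

/* Forget every key: clear the bytes themselves, not just the 'loaded' flag,
 * so nothing sensitive is left for the hibernation file to capture. */
void agent_forget_all(struct agent *a)
{
    for (int i = 0; i < MAX_KEYS; i++) {
        secure_wipe(a->keys[i].secret, KEY_BYTES);
        a->keys[i].loaded = 0;
    }
    a->need_reload = 1;
}

/* 1 if the slot's bytes are all zero and it is marked unloaded. */
int agent_slot_is_wiped(const struct agent *a, int slot)
{
    if (a->keys[slot].loaded) return 0;
    for (int i = 0; i < KEY_BYTES; i++)
        if (a->keys[slot].secret[i] != 0) return 0;
    return 1;
}

/* Window-procedure fragment: returns 1 if the message caused a wipe.
 * 'msg' is the window message id, 'wp' its wParam. */
int agent_handle_message(struct agent *a, unsigned msg, WPARAM wp)
{
    if (msg != WM_POWERBROADCAST) return 0;
    switch (wp) {
    case PBT_APMQUERYSUSPEND:  /* pre-Vista: suspend being requested */
    case PBT_APMSUSPEND:       /* suspend/hibernate is imminent */
        agent_forget_all(a);
        return 1;
    case PBT_APMRESUMESUSPEND: /* back up; need_reload tells the UI to re-prompt */
    default:
        return 0;
    }
}

/* Walk the scenario with a constructed key; returns the number of checks passed. */
int demo_hibernate_scenario(void)
{
    struct agent a;
    unsigned char k[KEY_BYTES];
    int passed = 0;
    memset(&a, 0, sizeof a);
    memset(k, 0xAB, sizeof k);                       /* constructed key bytes */
    passed += (agent_add_key(&a, k) == 0);
    passed += (agent_key_count(&a) == 1);
    passed += (agent_handle_message(&a, 0x0001, PBT_APMSUSPEND) == 0); /* wrong msg id: ignored */
    passed += (agent_handle_message(&a, WM_POWERBROADCAST, PBT_APMSUSPEND) == 1);
    passed += (agent_key_count(&a) == 0);
    passed += (a.need_reload == 1);
    passed += agent_slot_is_wiped(&a, 0);
    return passed; /* 7 when everything behaves as intended */
}

int main(void)
{
    printf("checks passed: %d of 7\n", demo_hibernate_scenario());
    return 0;
}
```

Two design points worth noting. First, wiping on PBT_APMQUERYSUSPEND alone is not enough on current Windows, since that event is never sent there; handling PBT_APMSUSPEND covers both. Second, as the page's own VirtualLock remark implies, locking pages only keeps them out of the pagefile; hibernation writes the contents of physical memory regardless, so the only effective measure is to have already overwritten the key bytes before the machine sleeps.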
Low priority because:
If you have physical access to the machine, then you've compromised
its security anyway; you can just install a trojan pageant which will
happily snarf the passphrases from keys for you, or perpetrate any one
of a number of other attacks.
Pageant doesn't currently attempt to prevent key material being
written to disk. (We don't for instance use VirtualLock(); see
virtuallock.)