Utilize the mlock syscall on Linux #35
Description
The mlock system call family can prevent memory pages from being swapped out to disk or other long term storage. In case an adversary has the opportunity to get access to the long term storage, he or she can investigate the pages and may dig out the sensitive data in it. Using mlock can make the sensitive data in short-term memory only and this makes it more difficult for the adversary to get access to the memory pages and even so, the adversary usually has no adequate time to get the investigation done.