
Is it possible to hide a secret value from my own processes on Linux?

Çağlar Arlı - 14 Views


I have an application with a shared secret. This application runs as my user. However, Linux has the /proc directory, and particularly /proc/{pid}/mem and /proc/{pid}/maps. Any process created with my user id can access this, and I do not have the luxury of being able to create my own user ID for this application.

Is it possible to prevent other processes running under my UID from accessing a shared secret stored in memory? If not, is there another way to store the secret which can prevent other processes from accessing it?

This is similar to hardening - Keeping secrets from root on Linux, but that had a loftier goal of not trusting root (UID 0). I'm just looking to not trust my own processes.
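
One mitigation for the /proc/{pid}/mem and /proc/{pid}/maps exposure described in the question, as an added example that is not part of the original post: the process marks itself non-dumpable with `prctl(PR_SET_DUMPABLE, 0)` before it loads the secret. The function names `deny_same_uid_access` and `proc_mem_owner` are hypothetical.

```c
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/resource.h>
#include <sys/stat.h>
#include <sys/types.h>

/* Call before the secret is read into memory.
 * Returns 0 if the process is now non-dumpable, -1 otherwise. */
int deny_same_uid_access(void)
{
    struct rlimit no_core = { 0, 0 };

    /* A non-dumpable process fails the kernel's ptrace access check for
     * any caller without CAP_SYS_PTRACE, even one with the same UID.
     * That check guards ptrace attach and /proc/<pid>/mem and maps. */
    if (prctl(PR_SET_DUMPABLE, 0, 0, 0, 0) != 0)
        return -1;

    /* Keep the secret out of core files as well. */
    if (setrlimit(RLIMIT_CORE, &no_core) != 0)
        return -1;

    /* Confirm the flag rather than assuming it was applied. */
    return prctl(PR_GET_DUMPABLE, 0, 0, 0, 0) == 0 ? 0 : -1;
}

/* Self-check: who owns /proc/self/mem right now? Once the process is
 * non-dumpable the kernel reports these files as owned by root. */
int proc_mem_owner(uid_t *owner)
{
    struct stat st;

    if (stat("/proc/self/mem", &st) != 0)
        return -1;
    *owner = st.st_uid;
    return 0;
}

int main(void)
{
    uid_t before = 0, after = 0;

    if (proc_mem_owner(&before) == 0)
        printf("/proc/self/mem owner before: %u\n", (unsigned)before);
    if (deny_same_uid_access() != 0)
        return 1;
    if (proc_mem_owner(&after) == 0)
        printf("/proc/self/mem owner after:  %u\n", (unsigned)after);
    return 0;
}
```

The dumpable flag is reset to its default by `execve`, so each program that holds the secret has to set it itself. It does not restrict root or any process with CAP_SYS_PTRACE, nor code already running inside the same process.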