"Brandon S. Allbery KF8NH"
You could just mlock() everything allocated by the RTS...
Brute force. :-) Certainly the most simple way to do it. But is that option already here (say in ghc), or would one have to patch the runtime for that?
Note also that this requires setuid root (yes, in gpg as well) --- so you are trading one known security issue for an unknown number of others.
I rather think, that this is indeed a failing in current day operating systems. What I think they should support is, that data (streams and memory) can be flagged a belonging to different trust / exposure classes and the same should be done for storage devices and swap. The OS should just prevent a process whose input is flagged a dont-expose from swapping to exposable storage since dont-expose input would automatically entail dont-expose process memory except in the cases where the process provides appropriate guarantees that allow it to handle exposable and non-exposable storage at the same time. (Should I write disclosure anstead of exposure?) Whatever -- I think the implementing crypto in Haskell would be a good thing, but the issue of how to prevent swapping to disk would have to be solved in a convincing way (can a C-Wrapper process help there?) before a GPG reimplementation is a convincing high profile show case project for Haskell. Regards -- Markus