I know there is no way to completely secure a running system, however I'd like to do do what ever is possible.
I'm not sure how to phrase the question, but basically, I'd like to secure the data on the system, so noone would be able to access it.
- Is it possible to secure running processes in memory ?
- Assuming the VPS owner can easily gain root or access to the filesystem (by connecting the drive to another running system), what are my options to secure my data ?
You could use a encrypted FUSE - the only problem being that you need to remount the filesystem when the system reboots. However bear in mind that anyone with access to the VPS image can potentially add bug your code to detect the pass phrase you use.
Not sure what you mean here. It's possible to modify any running process with root access, and also the kernel.
In second question- If i have vps with my own root i cant access to your filesystem. I can but i need to use ssh or some remote solution.
In first question . If you have some clients who using your vps you can add him max memory for using.
If i make some dump for momery crashing i will crash only my memory on vps , not your .