From owner-freebsd-security  Mon Oct 13 18:29:42 1997
Return-Path: <owner-freebsd-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id SAA09582
          for security-outgoing; Mon, 13 Oct 1997 18:29:42 -0700 (PDT)
          (envelope-from owner-freebsd-security)
Received: from henry.cs.adfa.oz.au (henry.cs.adfa.oz.au [131.236.21.158])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id SAA09564
          for <freebsd-security@FreeBSD.ORG>; Mon, 13 Oct 1997 18:29:26 -0700 (PDT)
          (envelope-from wkt@henry.cs.adfa.oz.au)
Received: (from wkt@localhost) by henry.cs.adfa.oz.au (8.7.5/8.7.3) id LAA09227 for freebsd-security@FreeBSD.ORG; Tue, 14 Oct 1997 11:29:45 +1000 (EST)
From: Warren Toomey <wkt@henry.cs.adfa.oz.au>
Message-Id: <199710140129.LAA09227@henry.cs.adfa.oz.au>
Subject: Re: Zeroing pages, was Re: C2
Date: Tue, 14 Oct 1997 11:29:45 +1000 (EST)
Cc: freebsd-security@FreeBSD.ORG
In-Reply-To: <199710140042.RAA16597@usr07.primenet.com> from Terry Lambert at "Oct 14, 97 00:42:39 am"
Reply-To: wkt@cs.adfa.oz.au
X-Mailer: ELM [version 2.4ME+ PL22 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

In article by Terry Lambert:
> > > Basically, we need to purge all memory when it is allocated, or 
> > > deallocated.
> This is interesting.  Can you give a small sample program for accessing
> data from another program?  As far as I know, pages are either filled
> from a swap store (and contain data accessable to you) or zero-filled;
> I can't think of a way (off the top of my head) to make this not true.
> 					Terry Lambert

There's no way of accessing the unused contents of mbufs from user space?
Any other kernel buffers? I doubt it, but that's the only other way I can
think of.
	Warren Toomey