Date:      Sun, 24 Apr 2011 19:53:41 +0200
From:      "C. P. Ghost" <cpghost@cordula.ws>
To:        Modulok <modulok@gmail.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Password theft from memory?
Message-ID:  <BANLkTin_S%2BBRWu79AH16tPdgZd%2BUgZQAzQ@mail.gmail.com>
In-Reply-To: <BANLkTimJWAxW_4OmoeBQrvDDLjD-5Vr5hQ@mail.gmail.com>
References:  <BANLkTimJWAxW_4OmoeBQrvDDLjD-5Vr5hQ@mail.gmail.com>

On Sun, Apr 24, 2011 at 7:10 PM, Modulok <modulok@gmail.com> wrote:
> I don't know if this is a problem on FreeBSD...
>
> Process A requests memory.
> Process A stores a plaintext password in memory or other sensitive data.
> Process A terminates and the memory is reclaimed by kernel.
>
> Process B requests a *huge* chunk of memory.
> Process B crawls the uninitialized memory, looking for ProcessA's previously
> stored password.
>
> Does anyone know if this is even possible on FreeBSD?

Please correct me if I'm wrong (I didn't check the sources), but...

Short answer: it shouldn't happen, because pages allocated to a new process
are zero-filled by the kernel (lazily via zero-fill page faults when
process B crawls the memory the first time).

On the other hand, I'm not sure if the pass phrase would be visible
via /dev/kmem before those pages are actually zero-filled by the new
process. Must check the source for exit(2).

> Thanks!
> -Modulok-

-cpghost.

-- 
Cordula's Web. http://www.cordula.ws/
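
The scenario from the question, written as a check of the zero-fill behaviour described in the reply. This is an added example, not code from either poster; the 16 MiB region size and the 0xA5 marker are constructed values, and it covers only anonymous mmap memory handed to a user process, not the /dev/kmem case.

```c
#define _DEFAULT_SOURCE            /* expose MAP_ANONYMOUS on glibc */
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>
#ifndef MAP_ANONYMOUS
#define MAP_ANONYMOUS MAP_ANON     /* older BSD spelling */
#endif

#define REGION (16UL * 1024 * 1024)  /* constructed size: 16 MiB */

static void *map_region(void) {
    void *p = mmap(NULL, REGION, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    return p == MAP_FAILED ? NULL : p;
}

/* "Process A": fill private memory with a constructed marker, then exit. */
static int run_process_a(void) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        unsigned char *p = map_region();
        if (p) memset(p, 0xA5, REGION);  /* stand-in for the password */
        _exit(p ? 0 : 1);                /* pages go back to the kernel */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 0 : -1;
}

/* "Process B": map fresh memory after A has exited and count non-zero
 * bytes. Returns -1 on setup failure, otherwise the non-zero byte count. */
long count_stale_bytes(void) {
    if (run_process_a() != 0) return -1;
    unsigned char *p = map_region();
    if (!p) return -1;
    long stale = 0;
    for (size_t i = 0; i < REGION; i++)  /* first touch faults in zeroed pages */
        if (p[i] != 0) stale++;
    munmap(p, REGION);
    return stale;
}

int main(void) {
    printf("non-zero bytes in fresh mapping: %ld\n", count_stale_bytes());
    return 0;
}
```

A result of 0 says nothing about data reused inside a single process: memory returned by free() and handed out again by malloc() in the same process is not cleared by the kernel.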
