Date: Thu, 22 Aug 2002 22:18:21 -0400 From: Leo Bicknell <bicknell@ufp.org> To: freebsd-hackers@FreeBSD.ORG Subject: Re: userland malloc() and zeroed page allocation in Kernel Message-ID: <20020823021821.GA18704@ussenterprise.ufp.org> In-Reply-To: <001601c24a4a$121fbb60$1bf2fe81@etri.re.kr> References: <001601c24a4a$121fbb60$1bf2fe81@etri.re.kr>
next in thread | previous in thread | raw e-mail | index | archive | help
In a message written on Fri, Aug 23, 2002 at 11:09:07AM +0900, Un, SungKyong wrote:
> It seems that Kernel zero-out all free pages before allocation.
> I know the Kernel allocate pre-zeroed page for BSS area but not for heap
> area.
The kernel should zero all pages handed to a userspace application.
The reason is security. It would be really bad if one user ran,
say, passwd, and then the next user could malloc a large block of
memory, sort through it, and find the plain text password.
--
Leo Bicknell - bicknell@ufp.org - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/
Read TMBG List - tmbg-list-request@tmbg.org, www.tmbg.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020823021821.GA18704>