Date:      Fri, 18 Oct 1996 10:25:31 +0930 (CST)
From:      Michael Smith <msmith@atrad.adelaide.edu.au>
To:        guido@gvr.win.tue.nl (Guido van Rooij)
Cc:        thorpej@nas.nasa.gov, phk@critter.tfs.com, guido@FreeBSD.org, freebsd-hackers@FreeBSD.org, tech-userlevel@netbsd.org
Subject:   Re: cvs commit: src/lib/libc/db/hash hash_buf.c
Message-ID:  <199610180055.KAA20694@genesis.atrad.adelaide.edu.au>
In-Reply-To: <199610172004.WAA11623@gvr.win.tue.nl> from "Guido van Rooij" at Oct 17, 96 10:04:45 pm

Guido van Rooij stands accused of saying:
> 
> > 
> > bzero'ing a hash buffer is not a complete solution to the problem,
> > since the process may contain other potentially sensitive data
> > in its address space.  What you really want to do is protect
> > the cores.
> > 
> 
> 
> And what about a user attaching a debugger to a running ftpd...

If it's running as root, they have to be root already.  If it's
changed its UID, as has already been pointed out, you _can't_ attach
to it for just this reason.

> -Guido
> 


-- 
]] Mike Smith, Software Engineer        msmith@atrad.adelaide.edu.au    [[
]] Genesis Software                     genesis@atrad.adelaide.edu.au   [[
]] High-speed data acquisition and      (GSM mobile)  <STOLEN>          [[
]] realtime instrument control          (ph/fax)  +61-8-8267-3493       [[
]] Collector of old Unix hardware.      "Where are your PEZ?" The Tick  [[
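
The two mitigations argued over in this thread, zeroing a sensitive buffer and keeping the process from writing a core file at all, shown together as an added example; it is not code from the original message or from the FreeBSD commit. The function names and the sample secret are assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>
#include <sys/resource.h>

/* Overwrite a buffer through a volatile pointer so the compiler cannot
 * discard the stores as dead writes just before the buffer goes away. */
static void scrub(void *buf, size_t len)
{
    volatile unsigned char *p = buf;
    while (len--)
        *p++ = 0;
}

/* Set the soft and hard core-size limits to zero. Lowering the hard limit
 * needs no privilege, and an unprivileged process cannot raise it again.
 * Returns 0 on success, -1 on failure. */
static int disable_core_dumps(void)
{
    struct rlimit rl = { 0, 0 };
    return setrlimit(RLIMIT_CORE, &rl);
}

/* Returns 1 if both core-size limits are zero, 0 if not, -1 on error. */
static int core_dumps_disabled(void)
{
    struct rlimit rl;
    if (getrlimit(RLIMIT_CORE, &rl) != 0)
        return -1;
    return rl.rlim_cur == 0 && rl.rlim_max == 0;
}

/* Constructed sample: a stand-in for sensitive data held in a buffer.
 * Returns 0 if the buffer is all zero bytes after scrubbing. */
static int demo(void)
{
    char secret[32];
    size_t i;
    int nonzero = 0;

    if (disable_core_dumps() != 0)
        return -1;
    strcpy(secret, "constructed-sample-secret");
    /* ... the secret would be used here ... */
    scrub(secret, sizeof secret);
    for (i = 0; i < sizeof secret; i++)
        nonzero |= secret[i];
    return nonzero;
}

int main(void) { return demo(); }
```

The scrub covers only the one buffer it is handed, while the zero core limit covers everything else in the address space, which is the distinction the quoted text draws.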


