Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 23 Apr 2012 17:22:25 -0400
From:      Eitan Adler <lists@eitanadler.com>
To:        Joe Marcus Clarke <marcus@freebsd.org>
Cc:        Jeremy Messenger <mezz.freebsd@gmail.com>, Alexander Leidinger <Alexander@leidinger.net>, AN <andy@neu.net>, gnome@freebsd.org
Subject:   Re: Unable to allocate secure memory from gnome-keyring
Message-ID:  <CAF6rxgmfW6j_R9qRPE5sLiANd40wAp94riKiJv-NuZOzVBVwPg@mail.gmail.com>
In-Reply-To: <4F95C2B1.2050706@freebsd.org>
References:  <alpine.BSF.2.00.1204222157150.55889@mail.neu.net> <CADLFttd0JwjLZyoaVzjWZPE8dNSBptphOooxy6r9VYKuykBXTg@mail.gmail.com> <20120423220812.0000178d@unknown> <4F95C2B1.2050706@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 23 April 2012 16:59, Joe Marcus Clarke <marcus@freebsd.org> wrote:
> On 4/23/12 4:08 PM, Alexander Leidinger wrote:
>> On Sun, 22 Apr 2012 22:06:41 -0500 Jeremy Messenger
>> <mezz.freebsd@gmail.com> wrote:
>>
>>> On Sun, Apr 22, 2012 at 9:12 PM, AN <andy@neu.net> wrote:
>>
>>>> ** (process:42587): WARNING **: Unable to allocate secure memory
>>>> from gnome-keyring.
>>>>
>>>>
>>>> ** (process:42587): WARNING **: Proceeding using insecure memory for
>>>> password fields.
>>>
>>> Both of warnings here are known for age. I don't remember exactly why,
>>> I think it's something that FreeBSD lacks of what Linux has or maybe
>>> just need to complete port to FreeBSD. I am not sure.
>>
>> I would expect that this is caused by a failed call to mlock(). Only
>> root is allowed to do that. I would also expect that this message
>> disappears, if the executables is marked as SUID-root. If it makes
>> sense to mark it SUID-root from a security point of view in this case or
>> not is a different question.

The concern here is that the memory may be paged out and written to
disk. This data on disk may be recoverable even after the memory is
wiped. Very few people need concern themselves with attacks that rely
on this.


-- 
Eitan Adler

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAF6rxgmfW6j_R9qRPE5sLiANd40wAp94riKiJv-NuZOzVBVwPg>