Password theft from memory?
C. P. Ghost
cpghost at cordula.ws
Sun Apr 24 18:17:07 UTC 2011
On Sun, Apr 24, 2011 at 7:10 PM, Modulok <modulok at gmail.com> wrote:
> I don't know if this is a problem on FreeBSD...
>
> Process A requests memory.
> Process A stores a plaintext password in memory or other sensitive data.
> Process A terminates and the memory is reclaimed by kernel.
>
> Process B requests a *huge* chunk of memory.
> Process B crawls the uninitialized memory, looking for Process A's previously
> stored password.
>
> Does anyone know if this is even possible on FreeBSD?

Please correct me if I'm wrong (I didn't check the sources), but...
short answer: it shouldn't happen, because pages allocated to a new process
are zero-filled by the kernel (lazily via zero-fill page faults when process B
crawls the memory the first time).

On the other hand, I'm not sure if the pass phrase would be visible via
/dev/kmem before those pages are actually zero-filled by the new process. Must
check the source for exit(2).

> Thanks!
> -Modulok-
-cpghost.
--
Cordula's Web. http://www.cordula.ws/