Password theft from memory?
rwmaillists at googlemail.com
Mon Apr 25 14:18:55 UTC 2011
On Sun, 24 Apr 2011 19:53:41 +0200
"C. P. Ghost" <cpghost at cordula.ws> wrote:
> On Sun, Apr 24, 2011 at 7:10 PM, Modulok <modulok at gmail.com> wrote:
> > I don't know if this is a problem on FreeBSD...
> > Process A requests memory.
> > Process A Stores a plaintext password in memory or other sensitive
> > data. Process A terminates and the memory is reclaimed by kernel.
> > Process B requests a *huge* chunk of memory.
> > Process B crawls the uninitialized memory, looking for ProcessA's
> > previously stored password.
> > Does anyone know if this is even possible on FreeBSD?
> Please correct me if I'm wrong (I didn't check the sources), but...
> short answer: it shouldn't happen, because pages allocated to a new
> process are zero-filled by the kernel (lazily via zero-fill page
> faults when process B crawls the memory the first time).
I don't believe the heap is allocated zeroed pages. The kernel
does allocate such pages to the BSS segment, but that's because it
holds zeroed data such as C static variables.
AFAIK it's the responsibly of the programmer to avoid data leaking.
Passwords are commonly overwritten as soon as they no longer needed. I
think geli keeps persistent key information in kernel wired-memory.
More information about the freebsd-questions