svn commit: r190482 - in head/lib/libc/db: . btree hash mpool
Brooks Davis
brooks at FreeBSD.org
Mon Mar 30 09:03:28 PDT 2009
On Mon, Mar 30, 2009 at 09:18:50PM +1100, user at vk2pj.dyndns.org wrote:
> Hi Xin,
>
> On 2009-Mar-28 04:00:46 +0000, Xin LI <delphij at freebsd.org> wrote:
> >Log:
> > When allocating memory, zero out them if we don't intend to overwrite them
> > all; before freeing memory, zero out them before we release it as free
> > heap. This will eliminate some potential information leak issue.
>
> Given that db runs with the same privileges as the process using it, I
> don't see how zeroing memory eliminates any information leak - the
> process can directly open and read the underlying db file itself.
> Zeroing on allocation may fix any potential issue with uninitialised
> structures and prevent the return of garbage in "holes" but that's not
> an information leak.
Consider /etc/pwd.db. It's world readable, but written by a program that
also wrote /etc/spwd.db which definitely is not.
-- Brooks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/svn-src-head/attachments/20090330/ecafdd96/attachment.pgp
More information about the svn-src-head
mailing list