svn commit: r190482 - in head/lib/libc/db: . btree hash mpool

Xin LI delphij at delphij.net
Mon Mar 30 09:14:20 PDT 2009


user at vk2pj.dyndns.org wrote:
[...]
> Given that db runs with the same privileges as the process using it, I
> don't see how zeroing memory eliminates any information leak - the
> process can directly open and read the underlying db file itself.
> Zeroing on allocation may fix any potential issue with uninitialised
> structures and prevent the return of garbage in "holes" but that's not
> an information leak.

The process that can read sensitive information _could_ sometimes write
something that can be read by a non-privileged process.  It's known in
kern/123529 where spwd.db contents could be leaked into aliases.db, for
instance.

Cheers,
- --
Xin LI <delphij at delphij.net>	http://www.delphij.net/
FreeBSD - The Power to Serve!
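
The leak path discussed in this message, as an added example that is not part of the original mail or of the FreeBSD libc code: a process reads a privileged record into a page buffer, the buffer is recycled without zeroing, and the unused "hole" of the next page is written to a file others can read. The one-slot allocator, the function names and both sample records are hypothetical and constructed for the demonstration.

```c
#include <stdio.h>
#include <string.h>

#define PAGE_SIZE 64

/* Hypothetical one-slot allocator standing in for malloc() handing back
 * a previously freed chunk; deterministic so the effect is reproducible. */
static unsigned char slot[PAGE_SIZE];

static unsigned char *page_alloc(int zero_on_alloc)
{
    if (zero_on_alloc)
        memset(slot, 0, PAGE_SIZE);  /* calloc-style: page starts clean */
    return slot;                     /* otherwise stale bytes remain */
}

/* Constructed sample records, not real database contents. */
static const char SECRET[] = "root:$1$constructed-hash$:0:0";
static const char ALIAS[]  = "postmaster: root";
static const char MARKER[] = "constructed-hash";

/* Fills `out` with the page that would be written to the public file.
 * Returns 1 if bytes of the earlier secret record survive in it. */
int page_leaks(int zero_on_alloc, unsigned char out[PAGE_SIZE])
{
    /* 1. Privileged read: a page holds a password record, then is released. */
    unsigned char *p = page_alloc(zero_on_alloc);
    memcpy(p + 20, SECRET, sizeof(SECRET) - 1);

    /* 2. The same process builds a page for the public database and
     *    fills only its head; the remainder is a "hole". */
    p = page_alloc(zero_on_alloc);
    memcpy(p, ALIAS, sizeof(ALIAS) - 1);

    /* 3. The whole page, hole included, is what reaches the disk. */
    memcpy(out, p, PAGE_SIZE);

    size_t mlen = sizeof(MARKER) - 1;
    for (size_t i = 0; i + mlen <= PAGE_SIZE; i++)
        if (memcmp(out + i, MARKER, mlen) == 0)
            return 1;
    return 0;
}

int main(void)
{
    unsigned char page[PAGE_SIZE];
    printf("without zeroing: leak=%d\n", page_leaks(0, page));
    printf("zero on alloc:   leak=%d\n", page_leaks(1, page));
    return 0;
}
```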

