Password theft from memory?

Modulok modulok at gmail.com
Sun Apr 24 17:36:40 UTC 2011


I don't know if this is a problem on FreeBSD...

Process A requests memory.
Process A Stores a plaintext password in memory or other sensitive data.
Process A terminates and the memory is reclaimed by kernel.

Process B requests a *huge* chunk of memory.
Process B crawls the uninitialized memory, looking for ProcessA's previously
stored password.

Does anyone know if this is even possible on FreeBSD?

Thanks!
-Modulok-


More information about the freebsd-questions mailing list