Password theft from memory?
Modulok
modulok at gmail.com
Sun Apr 24 17:36:40 UTC 2011
I don't know if this is a problem on FreeBSD...
Process A requests memory.
Process A Stores a plaintext password in memory or other sensitive data.
Process A terminates and the memory is reclaimed by kernel.
Process B requests a *huge* chunk of memory.
Process B crawls the uninitialized memory, looking for ProcessA's previously
stored password.
Does anyone know if this is even possible on FreeBSD?
Thanks!
-Modulok-
More information about the freebsd-questions
mailing list