Password theft from memory?

Modulok modulok at gmail.com
Wed Apr 27 19:24:19 UTC 2011


>> On Sun, Apr 24, 2011 at 7:10 PM, Modulok <modulok at gmail.com> wrote:
>> > I don't know if this is a problem on FreeBSD...
>> >
>> > Process A requests memory.
>> > Process A stores a plaintext password in memory or other sensitive
>> > data. Process A terminates and the memory is reclaimed by kernel.
>> >
>> > Process B requests a *huge* chunk of memory.
>> > Process B crawls the uninitialized memory, looking for ProcessA's
>> > previously stored password.
>> >
>> > Does anyone know if this is even possible on FreeBSD?

> AFAIK it's the responsibility of the programmer to avoid data leaking.
> Passwords are commonly overwritten as soon as they are no longer needed. I
> think geli keeps persistent key information in kernel wired-memory.

If you're writing in a language which has direct memory access you can easily
overwrite sensitive regions of memory upon program exit. But what about higher
level, dynamic languages where direct memory access is not available? For
example, if I write a program in Python (or some other language) which
processes plaintext passwords or credit card numbers, on a shared host, can
that data be found in memory by another user's process designed to recognize
such patterns in large allocations? (Patterns like SS numbers, credit cards,
regions near strings like 'password' and so on.)

I know that each process has its own private memory segment, but after a
process exits, it no longer owns that memory. What happens to it? If it's not
zeroed out by my process, and it doesn't turn into pixie food, and it's not
zeroed out by malloc... it still exists somewhere.

Maybe this would be best on hackers?
-Modulok-
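
An added example, not part of the original post: one way to apply the "overwrite it as soon as it is no longer needed" advice from Python, by keeping the plaintext in a mutable `bytearray` and zeroing it in place after use. It assumes CPython; the function names and the sample secret are constructed for illustration, and any immutable `str` or `bytes` copy made earlier (for example by `input()`) cannot be overwritten this way.

```python
import ctypes
import hashlib
import hmac
import os

ITERATIONS = 10_000  # constructed value, kept small for the demo


def wipe(buf: bytearray) -> None:
    """Zero a bytearray in place (same-length slice assignment, no reallocation in CPython)."""
    buf[:] = bytes(len(buf))


def address_of(buf: bytearray) -> int:
    """Address of the bytearray's backing storage; used only to verify the wipe."""
    return ctypes.addressof((ctypes.c_char * len(buf)).from_buffer(buf))


def verify_password(secret: bytearray, salt: bytes, expected: bytes) -> bool:
    """Derive a digest from the plaintext, compare it, and always wipe the plaintext."""
    try:
        digest = hashlib.pbkdf2_hmac("sha256", secret, salt, ITERATIONS)
        return hmac.compare_digest(digest, expected)
    finally:
        wipe(secret)  # runs on success, mismatch, or exception


def demo() -> tuple:
    salt = os.urandom(16)
    expected = hashlib.pbkdf2_hmac("sha256", b"correct horse", salt, ITERATIONS)
    # The literal stands in for input read straight into a mutable buffer;
    # the literal itself is an immutable bytes object and is not wiped.
    secret = bytearray(b"correct horse")
    addr, n = address_of(secret), len(secret)
    ok = verify_password(secret, salt, expected)
    # Read the original storage back: it should now hold only zero bytes.
    return ok, ctypes.string_at(addr, n)


if __name__ == "__main__":
    ok, leftover = demo()
    print("password accepted:", ok)
    print("bytes left at the buffer address:", leftover)
```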


More information about the freebsd-questions mailing list