memory pages nulling when releasing
R. B. Riddick
arne_woerner at yahoo.com
Sun Jun 18 20:39:06 UTC 2006
--- Nick Borisov <neiro21 at gmail.com> wrote:
> Well, providing zeroed pages to processes is not quite similar to
> explicit cleaning of pages after use as some security standards
> demand. That's why I'm asking. The "Z" malloc option seems to be
> suitable but it's actually for debugging.
>
Since you would need
(aa) root access (for reading /dev/mem (or what would it be?))
and/or
(bb) physical access (for reading the content of powered off RAM)
to the system to read the content of used pages, it would not help, if those
pages are zero-ed after their use,
because:
(AA) User root has access to every or about every page in physical memory
(e. g. while the process uses it;
or after kernel-modification).
and
(BB) The one who has physical access has root access
(e.g. by altering the content of the harddisc).
Conclusion:
Instead of zero'ing pages immediately after the process does not need them
anymore, it would be much better, to keep the system safe (especially: security
relevant software patches; and (even more) physical safety)
Or maybe I missed something... :-)
-Arne
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the freebsd-security
mailing list