On 11/02/2011 22:13, Chris Adams wrote: > Once upon a time, Joel Rees <joel.rees@xxxxxxxxx> said: >> On Wed, Nov 2, 2011 at 10:56 AM, Bruno Wolff III <bruno@xxxxxxxx> >> wrote: >> > Unprivileged users don't have access to the previous contents of >> ram allocated >> > to their processes. >> >> You're sure about that? What evidence do you offer? Can you point to >> auto-scrub code paths in all the library APIs for freeing memory? > > Read the kernel source. > >> > What is the threat model you are trying to guard against? >> >> Rather than merely imply that such threat models are beyond the >> scope >> of Fedora, wouldn't it be better to refer the OP to a wiki article >> on >> the subject, or to the dev list if there is no wiki article? > > Go read a book on Unix. > -- > Chris Adams <cmadams@xxxxxxxxxx> > Systems and Network Administrator - HiWAAY Internet Services > I don't speak for anybody but myself - that's enough trouble. Chris is correct in saying read the kernel source. When a page is given to userspace by the kernel it is given zeroed out. The reason you would need to scrub memory is if you are reallocated a page of memory by the malloc library and not the kernel. If a memory region is freed using free and then subsequently malloced with another call it is possible for malloc to give you memory that hasn't been scrubbed. If malloc needs a new set of pages to meet your request the pages it will get from the kernel will already be zeroed. Dave -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
