On Mon, 2017-10-09 at 21:06 +0200, Michael Kerrisk (man-pages) wrote: > Hi Rik, > > I have a follow-up question re wipe-on-fork. What are the semantics > for this setting with respect to fork() and exec()? That is, in the > child of a fork(), does the flag remain set for the specified address > range? (My quick read of the source suggests yes, but I have not > tested.) And, when we do an exec(), my assumption is that the flag is > cleared for the address range, but it would be good to have > confirmation. Indeed, on exec() the flag is cleared, because all memory regions get replaced on exec(). The flag remains across a fork(), so if a child task were to fork, the memory would be empty of contents again in its child. This seems to most closely match the use case of discarding things like cryptographic secrets at fork time. -- To unsubscribe from this list: send the line "unsubscribe linux-man" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
