On Tue, 2017-09-19 at 21:07 +0200, Michael Kerrisk (man-pages) wrote: > Thanks. I applied this, and tweaked the madvise.2 text a little, to > read as follows (please let me know if I messed anything up): > > MADV_WIPEONFORK (since Linux 4.14) > Present the child process with zero-filled > memory in this > range after a fork(2). This is useful in forking > servers > in order to ensure that sensitive per- > process data (for > example, PRNG seeds, cryptographic secrets, and so > on) is > not handed to child processes. > > The MADV_WIPEONFORK operation can be applied > only to pri‐ > vate anonymous pages (see mmap(2)). That looks great. Thank you, Michael! -- All rights reversed
Attachment:
signature.asc
Description: This is a digitally signed message part
