Re: memory pages nulling when releasing



Nick Borisov wrote:
> Could you tell me if FreeBSD supports memory page nulling when
> releasing it to prevent unauthorized access to data left in the page
> after it's allocated again.

Yes, FreeBSD has a mechanism for "zero-filling" used pages before they are allocated to another process, although this is normally deferred for a while to promote reuse of the page if the original process needs to use it again.

> If it does, what sys calls etc. provide that?
> IMHO this is an important issue when operating data with different
> sensitivity levels.

You can set some malloc() tunables to control some of this, although if you are trying to do secure programming of sensitive data, look towards mlock() to keep the data resident and unpageable to keep it out of the VM system and potentially the swapfile.

Look at the source for GnuPG, for example, or OPIE...

--
-Chuck
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"


