memory pages nulling when releasing

R. B. Riddick arne_woerner at yahoo.com
Mon Jun 19 10:43:04 UTC 2006


--- Dan Lukes <dan at obluda.cz> wrote:
> [...] Thus, keeping sensitive information within memory for short 
> time only MAY reduce the risk level. The intruder needs to wait for 
> information to appear in memory again - but it costs time. [...]
> 
That is true - it costs time...

But if a bad guy already has root access it does not really matter,
(aa) if he has to wait for some minutes or hours,
or
(bb) if he has just a small time window
or
(cc) if he can immediately start with scanning for secrets in /dev/mem.

I say, in that case there is no security (it might even be possible to present
the old state of the system to the outside via a modified kernel that has
"very strange ideas" about the correct results of certain syscalls, and that
gets activated after a spontaneous reboot due to reasons not further specified
(maybe due to a power failure or a failure in the old UPS-device or a mobile
phone that somebody possibly used inside the fully air-conditioned centre?;
does somebody know what "dd if=/dev/zero of=/dev/mem" does?)...)...

As far as I understood the answers so far, OpenSSH and such tools are aware of
that slightly increased risk, so that they zero the memory areas that contained
sensitive data as soon as they are not needed anymore... So everything is fine
and alright... ;-))

:-))

-Arne
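
Added example, not part of the original message and not OpenSSH's own code: the zero-after-use practice mentioned above, written so the compiler does not discard the wipe as a dead store before free(). The names secure_wipe, secret_buf, secret_alloc, secret_release and wipe_demo are hypothetical, and a POSIX system with mlock(2) is assumed. As the thread notes, this only shortens the time a secret is readable in memory.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>

/* Zero n bytes through a volatile pointer so the stores are not dropped as
 * dead writes ahead of free(). Prefer explicit_bzero(3) where it exists. */
static void secure_wipe(void *p, size_t n)
{
    volatile unsigned char *vp = p;
    while (n--) *vp++ = 0;
}

/* Hypothetical helper type: a heap buffer that is wiped on release. */
struct secret_buf { unsigned char *data; size_t len; int locked; };

static int secret_alloc(struct secret_buf *s, size_t len)
{
    s->data = malloc(len);
    if (s->data == NULL) return -1;
    s->len = len;
    /* Best effort: keep the pages out of swap; may fail under RLIMIT_MEMLOCK. */
    s->locked = (mlock(s->data, len) == 0);
    return 0;
}

static void secret_release(struct secret_buf *s)
{
    if (s->data == NULL) return;
    secure_wipe(s->data, s->len);   /* wipe before the allocator reuses it */
    if (s->locked) munlock(s->data, s->len);
    free(s->data);
    s->data = NULL; s->len = 0; s->locked = 0;
}

/* Count non-zero bytes left after wiping a constructed 32-byte "key". */
static size_t wipe_demo(void)
{
    struct secret_buf s;
    size_t i, left = 0;
    if (secret_alloc(&s, 32) != 0) return (size_t)-1;
    memset(s.data, 0xA5, s.len);    /* constructed sample secret */
    secure_wipe(s.data, s.len);
    for (i = 0; i < s.len; i++)
        left += (s.data[i] != 0);
    secret_release(&s);
    return left;
}

int main(void) { printf("non-zero bytes left: %zu\n", wipe_demo()); return 0; }
```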

