Simon 'corecode' Schubert wrote:
...
> But the writer is not supposed to write there in the first place!  But
> even if this is a bug in the writer (writing after the end of the
> (mapped) file), it is still writing to a file which can be read by users
> with the appropriate permissions.  I don't really see a security problem
> there.

If buggy software writes in an area of memory that it shouldn't,
lets say it puts your password there by accident, then it appears
another process can get that.

It is a security exposure (but not a serious one) because it is a
means for data from one application to be "stolen" by another.

Darren