Darren Reed wrote:
> Simon 'corecode' Schubert wrote:
> ...
>> But the writer is not supposed to write there in the first place!  But
>> even if this is a bug in the writer (writing after the end of the
>> (mapped) file), it is still writing to a file which can be read by users
>> with the appropriate permissions.  I don't really see a security problem
>> there.
> 
> If buggy software writes in an area of memory that it shouldn't,
> lets say it puts your password there by accident, then it appears
> another process can get that.

Well of course.  But if you consider situations like that you need to stop using a computer:  the same buggy program might write the password not *after* the mapped file, but *into*.  There you go, even more severe problem.

cheers
  simon

-- 
Serve - BSD     +++  RENT this banner advert  +++    ASCII Ribbon   /"\
Work - Mac      +++  space for low €€€ NOW!1  +++      Campaign     \ /
Party Enjoy Relax   |   http://dragonflybsd.org      Against  HTML   \
Dude 2c 2 the max   !   http://golden-apple.biz       Mail + News   / \