[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: CVS commit: src
On Wed, Aug 26, 2009 at 04:21:41PM -0400, Elad Efrat wrote:
> > All recycled kernel memory, including stack frames, is considered
> > security-sensitive and not supposed to be exposed to the world. (Given
> > that you're working on the security system, you ought to know this.)
> > It is a matter of proper copyout() usage.
> If your world is userland only, as I presume by your mentioning of
> copyout(), then it's rather obvious. I'm more interested in separation
> between different kernel entities in the (far? :) future.
Entities that share the same memory space inherently have the same
trust level. At that point it becomes a nonissue, except for e.g.
cryptographic keys that should already be getting handled properly.
I'm not clear what you have in mind.
David A. Holland
Main Index |
Thread Index |