tech-security archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Zero it if you're going to copy it out.
On Mon, Jun 25, 2012 at 02:16:33PM +0100, Roger Pau Monne wrote:
>
> Yes, it doesn't hurt to zero memory if returning it to the user. Who
> knows what might be there previously.
I'm sorry, I can't let this go.
This is not a case of "it doesn't hurt" -- it's a case of "it's absolutely
necessary". It is completely unacceptable to leak the contents of kernel
memory to the user!
Thor
Home |
Main Index |
Thread Index |
Old Index