tech-security archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Security properties of domain socket communication buffers
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
I'm contemplating writing a program which would send sensitive
information between processes via UNIX doamin sockets. Does NetBSD make
any guarantees that the stale contents of the communication buffer for a
domain socket will not later appear in another process's uninitialized
address space after the socket has been closed? Does it make any
guarantees that an active buffer will not swapped to disk? (I know about
mlock() but I don't think I can use it on a buffer). Are any such
guarantees portable to other UNIX derivatives?
- --
Daniel Franke df%dfranke.us@localhost http://www.dfranke.us
|----| =|\ \\\\
|| * | -|-\--------- Man is free at the instant he wants to be.
-----| =| \ /// --Voltaire
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iF4EAREKAAYFAkoYzowACgkQ8tqcOcPA7qO4IQEAiYOmeZ568YXenVa5L4+Ll3ez
w4Lrxwh4i4BKiwgBtSYA/1QqKonaWaGYc8lLnfig6+iNP7vZf+i9Lh1EhU4FPid/
=dw17
-----END PGP SIGNATURE-----
Home |
Main Index |
Thread Index |
Old Index