tech-security archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Zero it if you're going to copy it out.
>>>>> "Thor" == Thor Lancelot Simon <tls%panix.com@localhost> writes:
Thor> On Mon, Jun 25, 2012 at 02:16:33PM +0100, Roger Pau Monne wrote:
>>
>> Yes, it doesn't hurt to zero memory if returning it to the
>> user. Who knows what might be there previously.
Thor> I'm sorry, I can't let this go.
Cheers Thor, it's easy to lose sight of how easily kernel holes can be
introduced.
Thor> This is not a case of "it doesn't hurt" -- it's a case of
Thor> "it's absolutely necessary". It is completely unacceptable to
Thor> leak the contents of kernel memory to the user!
I think Roger's point is that only the bits that are overwritten from
userland are written back to userland - but to be fair to him, he didn't
introduce this - the original code made the same omission. However I
agree, the memory needs to be zeroed as a matter of best practice in
this case and *ALWAYS* in the general case.
Cheers,
--
Cherry
Home |
Main Index |
Thread Index |
Old Index