[illumos-Developer] Proposal: Add memory clearing allocator to libnvpair

Garrett D'Amore garrett at nexenta.com
Wed Jan 26 18:31:28 PST 2011


In fact, the whole thing is a bit of paranoia, because nobody ought to
be able to read this memory except the process that needs it ... and
root ... which can read *everything*.

bzeroing the memory protects against leakage from one thread to another
in the event of a bug, but that is about it I think.

	- Garrett

On Wed, 2011-01-26 at 20:28 -0600, Jason King wrote:
> On Wed, Jan 26, 2011 at 8:11 PM, Samuel Younge
> <Samuel.Younge at holyroyal.com> wrote:
> > Is there an easy way to keep referenced memory that affects the internals of IKE in a more protected space?
> >
> 
> I'm not really aware of any such thing in Illumos.  The IKEv2 daemon
> is a userland daemon, with its own address space, running with
> reduced privileges after it acquires the necessary resources (udp
> socket bound to port 500, fd for door, fd for PF_KEY socket, and forks
> off into the background).  Of course in its current state it's not
> doing anything particularly interesting yet.
> 
> In addition, it has the notion of privilege levels (like the current
> closed-source in.iked) that restrict what information can be queried
> via the cmdline (and once lowered cannot be raised again without
> stopping & restarting the daemon).
> 
> Anyone with root can read (or write) any bit of physical memory on the
> system, so I'm not sure what more can be done.  If there is something
> specific you were thinking of, please let me know more.   If you'd
> like to help out any with coding, I'd welcome any assistance (I'm
> doing this in my spare time, so it's somewhat slow going).

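Added example, not code from this thread or from libnvpair: a C sketch of the same-process leak that clearing on free guards against, where a buggy second caller reads a recycled block before initialising it. The single-slot pool, the function names and the sample key are all constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
/* Constructed stand-in for a heap that hands a freed block to the next caller. */
#define SLOT_SIZE 32
static unsigned char slot[SLOT_SIZE];
static int slot_in_use;
static const char KEY[] = "constructed-sample-key";   /* constructed secret */

static void *pool_alloc(void) {
    if (slot_in_use) return NULL;
    slot_in_use = 1;
    return slot;                    /* contents are whatever the last owner left */
}

/* Plain free: the block goes back to the pool with its contents intact. */
static void pool_free(void *p) {
    if (p == slot) slot_in_use = 0;
}

/* Clearing free: volatile stores so the compiler cannot drop the wipe as dead. */
static void pool_free_clear(void *p) {
    volatile unsigned char *v = p;
    if (p != slot) return;
    for (size_t i = 0; i < SLOT_SIZE; i++) v[i] = 0;
    slot_in_use = 0;
}

/* Store KEY, release it with `release`, then count the key bytes that a
 * second caller reading its new block before initialising it (the bug) sees. */
static size_t leaked_bytes(void (*release)(void *)) {
    unsigned char *a = pool_alloc();
    if (a == NULL) return (size_t)-1;
    memcpy(a, KEY, sizeof KEY);
    release(a);
    unsigned char *b = pool_alloc();    /* recycled block, new owner */
    if (b == NULL) return (size_t)-1;
    size_t n = 0;
    for (size_t i = 0; i < sizeof KEY - 1; i++)
        if (b[i] == (unsigned char)KEY[i]) n++;
    pool_free_clear(b);
    return n;
}

int main(void) {
    printf("plain free:    %zu key bytes visible\n", leaked_bytes(pool_free));
    printf("clearing free: %zu key bytes visible\n", leaked_bytes(pool_free_clear));
    return 0;
}
```

The wipe only changes what a later owner of the block inside the same process can see; a reader with root access to the live process is unaffected by it.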