Does Linux process exist information leakage?
Dave Hylands
dhylands at gmail.com
Wed Jan 11 11:45:27 EST 2012
Hi,
On Wed, Jan 11, 2012 at 4:53 AM, 夏业添 <summerxyt at gmail.com> wrote:
> Hi,
> My tutor asked me to test whether one process leaves information in
> memory after it is dead. I tried to search some article about such thing on
> the Internet but there seems to be no one discuss about it. And after that,
> I tried to write some program in the User Mode to test it, using fork() to
> create lots of processes and filling char 'a' into a 102400 bytes char array
> in each process. Then I used malloc() to get some memory to seek char 'a' in
> a new one process or many new processes, but failed. All memory I malloced
> was full of zero.
Yeah - so if it were possible for one process to get information about
another process like that you would have a security leak.
> As the man page of malloc said:"The memory is not initialized", I believe
> that the memory which was got by malloc() could be used by other process,
> and therefor information leakage exists. But how can I test it? Or where can
> I get related information?
All pages allocated from the OS will be initially zero'd, however,
once your process owns the page, if you filled it with Z's and then
freed it and reallocated you might very weill get your Z's back
instead of 0's. You'll never get data from another process though.
--
Dave Hylands
Shuswap, BC, Canada
http://www.davehylands.com
More information about the Kernelnewbies
mailing list