bzero() before free()

miguel.sanders at arcelormittal.com miguel.sanders at arcelormittal.com
Thu Apr 2 05:34:36 EST 2009


Hi Peter,

Thanks for the clarification! Makes sense :)



Met vriendelijke groet
Best regards
Bien à vous

Miguel SANDERS
ArcelorMittal Gent

UNIX Systems & Storage
IT Supply Western Europe | John Kennedylaan 51
B-9042 Gent

T +32 9 347 3538 | F +32 9 347 4901 | M +32478 805 023
E miguel.sanders at arcelormittal.com
www.arcelormittal.com/gent

-----Original message-----
From: openssh-unix-dev-bounces+miguel.sanders=arcelormittal.com at mindrot.org [mailto:openssh-unix-dev-bounces+miguel.sanders=arcelormittal.com at mindrot.org] On behalf of Peter Stuge
Sent: Wednesday 1 April 2009 20:23
To: openssh-unix-dev at mindrot.org
Subject: Re: bzero() before free()

miguel.sanders at arcelormittal.com wrote:
> I really don't see why you would zero a string and free the memory 
> immediately afterwards?
> Any idea why this is done?

To decrease the risk that sensitive data stored in that memory leaks into another program in the system.

Now that the memory area is unused (or used by someone else) it might also be marked for paging, and end up being stored to swap on a hard disk.

Decrypted keys or parts of keys, as an example, can be identified even in a large data stream, so it's real bad to let them get away.

Passwords would also be bad to leak.


//Peter
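The wipe-before-free pattern discussed in this thread, as an added example that is not OpenSSH's own code and not part of the original messages. It writes the zeros through a volatile pointer because a compiler may remove a plain bzero()/memset() that is followed directly by free(); the function names and the sample secret are constructed for illustration.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Overwrite len bytes at p with zeros. Writing through a volatile
 * pointer keeps the compiler from treating the stores as dead and
 * removing them, which it may do to a plain memset()/bzero() that is
 * immediately followed by free(). */
static void secure_wipe(void *p, size_t len)
{
    volatile unsigned char *vp = (volatile unsigned char *)p;
    while (len--)
        *vp++ = 0;
}

/* Wipe a heap buffer, then release it. NULL is accepted like free(). */
static void wipe_and_free(void *p, size_t len)
{
    if (p == NULL)
        return;
    secure_wipe(p, len);
    free(p);
}

/* Return 1 if every byte of the buffer is zero, else 0. */
static int is_all_zero(const void *p, size_t len)
{
    const unsigned char *b = p;
    for (size_t i = 0; i < len; i++)
        if (b[i] != 0)
            return 0;
    return 1;
}

/* Constructed demo: put a fake passphrase on the heap, wipe it,
 * confirm no byte survives, then free. Returns 1 on success. */
static int demo(void)
{
    static const char fake_secret[] = "constructed-example-passphrase";
    size_t len = sizeof(fake_secret);
    char *buf = malloc(len);
    if (buf == NULL)
        return -1;
    memcpy(buf, fake_secret, len);
    int before = is_all_zero(buf, len);  /* secret still present */
    secure_wipe(buf, len);
    int after = is_all_zero(buf, len);   /* nothing left to leak */
    wipe_and_free(buf, len);
    return before == 0 && after == 1;
}

int main(void) { return demo() == 1 ? 0 : 1; }
```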


