Dear managers,
I just discovered that the Tru64 Unix kernel does not clean up memory
left over by user programs. This is a security problem if sensitive
data is handled in memory, such as passwords, SSH (secure shell)
passphrases and other authentication info.
Scenario:
You write a sniffer program that finds all running ssh processes. When
an ssh process quits, the sniffer starts malloc()ing memory like
crazy, preferably all available RAM. Then all it needs to do is scan
the malloc'd memory to find the SSH private key of some other user
(hopefully root, of course). This would naturally work with any program
holding that kind of information, like login or whatever.
If the Unix kernel cleaned up (zeroed) the data area used by a
process before giving the memory away, then the above wouldn't work.
This is how the Linux kernel handles it, by the way. Of course, the
cleanup procedure would add some overhead to every process
termination, but on an Alpha there is probably enough horsepower to
allow that.
Question: Does the kernel clean up memory if the system is set to the
enhanced (C2) security level? The above was tested at the BSD (BASE)
security level.
ArNO
Received on Fri Aug 13 1999 - 07:35:26 NZST
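As an added illustration (this is not code from the original post, and it is not the sniffer the poster describes: it never looks for another user's key), here is a small C program that asks the kernel for fresh anonymous memory and checks whether it comes back zeroed, plus the scan step applied to a constructed buffer. It uses mmap() rather than malloc() because a large malloc() may hand back the process's own recycled heap, which says nothing about what the kernel does with freed pages. The key-header marker, the buffer sizes and the function names are my own choices, not anything from the post or from Tru64.

```c
#define _DEFAULT_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>

#ifndef MAP_ANONYMOUS
#define MAP_ANONYMOUS MAP_ANON   /* older BSD-derived headers use MAP_ANON */
#endif

/* Illustrative marker (assumption, not from the post): the first line of an
 * OpenSSH-format private key. Any other recognisable secret prefix would do. */
#define KEY_MARKER "-----BEGIN OPENSSH PRIVATE KEY-----"

/* Number of non-zero bytes in buf. Freshly mapped anonymous pages must read
 * back as all zeros (POSIX guarantees this for MAP_ANONYMOUS), so a non-zero
 * count means the kernel handed out a page without clearing it. */
size_t count_nonzero_bytes(const unsigned char *buf, size_t len)
{
    size_t n = 0;
    for (size_t i = 0; i < len; i++)
        n += (buf[i] != 0);
    return n;
}

/* Offset of the first occurrence of pat in buf, or -1 if absent.
 * A plain memcmp loop is used because memmem() is not portable. */
long find_marker(const unsigned char *buf, size_t len, const char *pat)
{
    size_t plen = strlen(pat);
    if (plen == 0 || plen > len)
        return -1;
    for (size_t i = 0; i + plen <= len; i++)
        if (memcmp(buf + i, pat, plen) == 0)
            return (long)i;
    return -1;
}

/* Ask the kernel directly for `bytes` of anonymous memory and count the bytes
 * that are not zero. Reading is enough for the check: a kernel that clears
 * pages (or maps fresh pages to a shared zero page) returns zeros, one that
 * recycles dirty frames does not. Returns (size_t)-1 if the mapping fails. */
size_t probe_fresh_pages(size_t bytes)
{
    void *p = mmap(NULL, bytes, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return (size_t)-1;
    size_t dirty = count_nonzero_bytes((const unsigned char *)p, bytes);
    munmap(p, bytes);
    return dirty;
}

/* Constructed sample (not real leaked memory): a 4 KiB buffer of filler with
 * KEY_MARKER planted at offset 100, to show the scan step working.
 * Returns the offset find_marker() reports, which should be 100. */
long scan_constructed_sample(void)
{
    unsigned char buf[4096];
    memset(buf, 'A', sizeof buf);
    memcpy(buf + 100, KEY_MARKER, strlen(KEY_MARKER));
    return find_marker(buf, sizeof buf, KEY_MARKER);
}

int main(void)
{
    size_t sz = (size_t)64 << 20;   /* 64 MiB; raise towards free RAM for a fuller sweep */
    size_t dirty = probe_fresh_pages(sz);
    if (dirty == (size_t)-1) {
        perror("mmap");
        return 1;
    }
    printf("%zu of %zu freshly mapped bytes were non-zero\n", dirty, sz);
    printf("marker in constructed sample found at offset %ld\n",
           scan_constructed_sample());
    return dirty != 0;   /* non-zero exit = the condition the post describes */
}
```

Run it immediately after a process that held secrets has exited and scale the size toward the machine's free RAM. On a kernel that zeroes pages on reuse the probe reports 0 dirty bytes; any other count is the leak the post is about, and find_marker() is then the piece you would point at the dirty region.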