Bug#628383: [kfreebsd-*] test failure: test-secmem

Petr Salinger Petr.Salinger at seznam.cz
Sun May 18 20:11:55 UTC 2014


>> Maybe I misunderstood something but I think there's a reason the
>> memory is mlocked; to avoid leaking sensitive information into swap.

As far as I know, there is no guarantee that mlocked memory
will not go into swap when the whole PC is suspended, even under Linux.

man mlock (from Linux Programmer's Manual)

        Cryptographic security software often handles
        critical bytes like passwords or secret keys as data structures.
        As a result of paging, these secrets could be transferred onto a
        persistent swap store medium, where they might be accessible to the
        enemy long after the security software has erased the secrets in
        RAM and terminated.  (But be aware that the suspend mode on laptops and
        some desktop computers will save a copy of the system's RAM to
        disk, regardless of memory locks.)

> We can't just kill off security by patching out the check for
> working mlock. At least not without a big fat warning dialog
> where the user opts out of security first.

As you can see from above, there is no guaranteed security
even under Linux.

FreeBSD only adds an additional restriction (allowed by POSIX):
mlock needs root privileges.

It can be solved by setting setuid bit under GNU/kFreeBSD.

Petr
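
Added example, not part of the message above and not the package's own code: C code that maps a page-backed secret buffer, records whether mlock() succeeded and which errno it failed with (the unprivileged case discussed above), and wipes the buffer before release. The `secbuf` type and function names are hypothetical.

```c
#define _DEFAULT_SOURCE          /* for MAP_ANONYMOUS on glibc */
#include <errno.h>
#include <stddef.h>
#include <string.h>
#include <sys/mman.h>

typedef struct {                 /* hypothetical helper type */
    void  *ptr;
    size_t len;
    int    locked;               /* 1 if mlock() succeeded */
    int    lock_errno;           /* errno from a failed mlock(), else 0 */
} secbuf;

/* Map whole pages so the lock covers only this buffer. Returns 0 on
 * success even when mlock() fails; the caller decides the policy. */
int secbuf_alloc(secbuf *b, size_t len)
{
    memset(b, 0, sizeof *b);
    if (len == 0) { errno = EINVAL; return -1; }
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return -1;
    b->ptr = p;
    b->len = len;
    if (mlock(p, len) == 0) b->locked = 1;
    else b->lock_errno = errno;
    return 0;
}

/* Human-readable reason, suitable for the warning the thread asks for. */
const char *secbuf_lock_reason(const secbuf *b)
{
    if (b->locked) return "locked";
    switch (b->lock_errno) {
    case EPERM:  return "no privilege to lock memory";
    case ENOMEM:
    case EAGAIN: return "lock limit or memory exhausted";
    default:     return "mlock failed";
    }
}

/* Overwrite through a volatile pointer, then unlock and unmap. */
void secbuf_free(secbuf *b)
{
    if (b->ptr == NULL) return;
    volatile unsigned char *v = b->ptr;
    for (size_t i = 0; i < b->len; i++) v[i] = 0;
    if (b->locked) munlock(b->ptr, b->len);
    munmap(b->ptr, b->len);
    memset(b, 0, sizeof *b);
}
```

A caller that must not hold secrets in unlocked memory checks `locked` after `secbuf_alloc()` and refuses to continue, or warns using `secbuf_lock_reason()`.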



More information about the pkg-gnome-maintainers mailing list