Is it sensible to explicitly clear/zero sensitive variables after use?

Updated: 2024-10-17 09:38:05

Problem description

I have noticed some programs explicitly zero sensitive memory allocations after use. For example, OpenSSL has a method to clear the memory occupied by an RSA key:

"Frees the RSA structure rsa. This function should always be used to free the RSA structure as it also frees sub-fields safely by clearing memory first."

www.rsa/products/bsafe/documentation/sslc251html/group__COMMON__RSA__KEY__FUNCS.html#aRSA_free

Where any (C/C++) program contains sensitive variables like this, should you explicitly zero the memory, as above? (Or, is zero'ing memory an act of paranoia or just a safeguard)?

Also, when a program finishes, any allocated memory is eventually allocated to another program. On a Linux system, is the memory cleaned or sanitised before being allocated to another program? Or, can the second program read some of the old memory contents of the first program?

Solution

On a Linux system, is the memory cleaned or sanitised before being allocated to another program?

Yes, on any respectable desktop OS, memory is sanitised when passed from a process to another. The cleaning step that you have observed is to protect from other attacks, from code executing in the same address space or obtaining privileges allowing it to read memory from the target process's memory space.

Where any (C/C++) program contains sensitive variables like this, should you explicitly zero the memory, as above?

It's a very sensible safeguard to erase this sensitive data as soon as you don't need it any more.
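
The following is an added example, not part of the original question or answer and not OpenSSL's code: a free routine that clears a key buffer before releasing it, in the order the quoted RSA_free description gives. The names `secure_zero`, `struct secret`, `secret_new` and `secret_free` are hypothetical, and the key bytes are constructed sample data.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Zero n bytes at p. The writes go through a volatile pointer so the
 * compiler does not discard them as dead stores, which it may do to a
 * plain memset() placed just before free(). */
void secure_zero(void *p, size_t n)
{
    volatile unsigned char *vp = (volatile unsigned char *)p;
    while (n--)
        *vp++ = 0;
}

/* Hypothetical key holder (assumption, stands in for a real key struct). */
struct secret {
    size_t len;
    unsigned char *data;
};

/* Copy len bytes of key material into a new secret; NULL on failure. */
struct secret *secret_new(const unsigned char *src, size_t len)
{
    struct secret *s = malloc(sizeof *s);
    if (s == NULL || src == NULL || len == 0 || !(s->data = malloc(len))) {
        free(s);
        return NULL;
    }
    memcpy(s->data, src, len);
    s->len = len;
    return s;
}

/* Clear the sub-field, then the struct itself, before freeing each. */
void secret_free(struct secret *s)
{
    if (s == NULL)
        return;
    secure_zero(s->data, s->len);
    free(s->data);
    secure_zero(s, sizeof *s);
    free(s);
}

int main(void)
{
    const unsigned char key[] = "constructed-sample-key"; /* constructed */
    struct secret *s = secret_new(key, sizeof key);
    secret_free(s);
    return 0;
}
```

Where the platform provides one, a library routine intended for this purpose, such as `explicit_bzero` on glibc and the BSDs, can replace the hand-written loop.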

Published: 2023-11-13 02:17:22
Article link: https://www.elefans.com/category/jswz/34/1583144.html