Re: CVS commit: src

To: rmind%netbsd.org@localhost
Subject: Re: CVS commit: src
From: Elad Efrat <elad%NetBSD.org@localhost>
Date: Wed, 26 Aug 2009 00:23:39 -0400

Unrelated to the topic of the thread, but kmem(9) says:

SECURITY CONSIDERATION
     As the memory allocated by kmem_alloc() is uninitialized, it can
     contain security-sensitive data left by its previous user.  It is
     the caller's responsibility not to expose it to the world.

Shouldn't it be the responsibility of the security-sensitive subsystem
to clear the memory before it is freed, rather than the responsibility
of every kmem_alloc() caller?

-e.

Follow-Ups:
- Re: CVS commit: src
  - From: David Holland

References:
- Re: CVS commit: src
  - From: YAMAMOTO Takashi
- Re: CVS commit: src
  - From: YAMAMOTO Takashi

Prev by Date: Re: CVS commit: src/sys/arch/i386/conf
Next by Date: Re: CVS commit: [matt-nb5-mips64] src/sys/arch/evbmips/conf
Previous by Thread: Re: CVS commit: src
Next by Thread: Re: CVS commit: src
Indexes:

Home | Main Index | Thread Index | Old Index