Subject: Re: cvs commit: src/lib/libc/db/hash hash_buf.c
To: Justin T. Gibbs <gibbs@freefall.freebsd.org>
From: Joe Greco <jgreco@brasil.moneng.mei.com>
List: tech-userlevel
Date: 10/18/1996 11:21:16
> >Would it be possible to extend the db interface to have a "suicide call"
> >that wiped itself clean? Something that would not interfere with normal
> >db functions, but instead act as an extension?
>
> It shouldn't be necessary if you protect the core dump, ptrace, kmem, etc
> paths of attacks. What happens if you core dump in the library or before
> you can call the "cleanup" routine?
You have a smaller window of (potential) risk. I would assume that the
core dump is protected regardless. Then it becomes a matter of what
happens when something you do not anticipate happens, and an exploit
is devised.
(I know, I know, I should think more positively) :-)
... JG