did you really expunge that key?
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Fri Nov 8 22:55:49 EST 2002
"John S. Denker" <jsd at monmouth.com> writes:
>On which systems is all this really an issue, and when?
The majority of them.
>Which operating systems "leak" memory between processes in this way?
Win32 via ReadProcessMemory. Most Linux systems which set up the user as root
when they install the OS. The combined total would be what, 97%? 98%? 99%? of
the market?
>Which operating systems write core dumps that can be read by non-privileged
>users?
Watson under Win32, any Unix system with poor file permissions (which means a
great many of them). Again, that's most of the market.
This *is* a serious issue, which is why any security software worth its salt
takes care to zeroise memory after use.
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list