Difference between revisions of "Security/Guidelines/clearing memory"
Robert-clark (talk | contribs) (Created page with "Purging sensitive data from memory is a defence-in-depth technique that serves to improve the overall security of a running system. Sensitive Data can be anything from configu...") |
(No difference)
|
Latest revision as of 15:34, 16 January 2014
Purging sensitive data from memory is a defence-in-depth technique that serves to improve the overall security of a running system. Sensitive Data can be anything from configuration parameters to usernames or even data encryption keys.
Typically the memory of a running process is accessible only by the process itself and privileged system components such as the kernel. However there are many vulnerabilities that when exploited can cause part or all of a processes memory to be exposed to third parties, these vulnerabilities are collectively referred to as "Information Leakage". Many complex software projects suffer from information leakage vulnerabilities of some sort, the widely publicized VMware breakout utilized an information leakage vulnerability in a poorly written driver to attack deeper parts of the system by reading data structures from within the process.
(Needs a different example) (Add something about swapping sensitive info to disk)
Wherever possible sensitive data should be purged from memory.
