On Thu, 10 Apr 2014 10:09:10 -0700 (PDT), "Scott G. Kelly" <sc...@hyperthought.com> wrote: > My friend thinks "modern" operating systems clear memory to > prevent inter-process data leakage. Of course, I agree that this is > security goodness, but I wonder if, in the name of performance, this > is "optional".
I think even early systems can't have allowed random memory contents to leak between processes. After all, insulating users from one another is pretty much the core Unix security notion. Someone more knowledgeable confirm? > I'm poking around in linux memory management code in between other > tasks, but I'll bet somebody here knows the answer. Anyone? Memory allocation via the brk system call is implemented internally as an anonymous mmap. The latter is specified to return zero-initialized memory. So both ways that malloc() uses to acquire virtual memory do initialize to zero. -pesco _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography