Konstantin Belousov <[email protected]> writes: > It is definitely not a security issue.
I disagree. There may be legitimate reasons for root to create an md and give read access to an unprivileged user, under the assumption that it is zeroed; or to allow root in a jail to create mds. > That said, the following patch should fix the nit. I am unsure about > it, because it fixes mostly non-issue by spending CPU time to zero a > page which would be either zeroed or overwritten right now anyway in > normal usage. You can at least partly mitigate this by adding VM_ALLOC_ZERO to the flags passed to vm_page_grab() on line 666 and then checking the PG_ZERO bit in m->flags. DES -- Dag-Erling Smørgrav - [email protected] _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
