Hello!

On Fri, Apr 11, 2014 at 01:22:21PM -0400, Salz, Rich wrote:
> Akamai Technologies is pleased to offer the following patch to OpenSSL. It 
> adds a "secure arena" that is used to store RSA private keys.  This arena is 
> mmap'd, with guard pages before and after so pointer over- and under-runs 
> won't wander into it. It's also locked into memory so it doesn't appear on 
> disk, and when possible it's also kept out of core files.  This patch is a 
> variant of what we've been using to help protect customer keys for a decade.

Have you thought about mprotecting the guard pages with
mprotect(PROT_NONE) so the application crashes in case of a stray
memory access?

Thanks,

  Hannes

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
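The arrangement discussed in this message (guard pages before and after, locked memory, exclusion from core files, and PROT_NONE guards so a stray access crashes) can be sketched as follows. This is an added example, not the Akamai patch or OpenSSL code; `struct arena`, `arena_create` and `write_faults` are hypothetical names, and `MADV_DONTDUMP` is assumed to be available only on Linux.

```c
#define _DEFAULT_SOURCE
#include <signal.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical layout (an assumption): [guard page][data pages][guard page]. */
struct arena { unsigned char *map, *data; size_t map_len, data_len; int locked; };

/* Returns 0 on success, -1 on failure. */
int arena_create(struct arena *a, size_t want)
{
    size_t pg = (size_t)sysconf(_SC_PAGESIZE);
    a->data_len = (want + pg - 1) / pg * pg;      /* round up to whole pages */
    a->map_len = a->data_len + 2 * pg;
    /* Map the whole range PROT_NONE, then open up only the middle. */
    a->map = mmap(NULL, a->map_len, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (a->map == MAP_FAILED) return -1;
    a->data = a->map + pg;
    if (mprotect(a->data, a->data_len, PROT_READ | PROT_WRITE) != 0) {
        munmap(a->map, a->map_len);
        return -1;
    }
    a->locked = (mlock(a->data, a->data_len) == 0); /* best effort: RLIMIT_MEMLOCK */
#ifdef MADV_DONTDUMP
    (void)madvise(a->data, a->data_len, MADV_DONTDUMP); /* Linux: omit from core files */
#endif
    return 0;
}

/* Fork a child that writes one byte at p; 1 if the write faulted, 0 if not. */
int write_faults(volatile unsigned char *p)
{
    int st;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) { *p = 0x41; _exit(0); }
    if (waitpid(pid, &st, 0) < 0) return -1;
    return WIFSIGNALED(st) && (WTERMSIG(st) == SIGSEGV || WTERMSIG(st) == SIGBUS);
}

int main(void)
{
    struct arena a;
    if (arena_create(&a, 100) != 0) return 1;
    printf("data=%d below=%d above=%d locked=%d\n", write_faults(a.data),
           write_faults(a.data - 1), write_faults(a.data + a.data_len), a.locked);
    return munmap(a.map, a.map_len);
}
```

The probe runs in a forked child so the parent survives to report which accesses faulted; a production arena would also zero the data pages before unmapping.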
