On Thu, Jun 13, 2013 at 08:09:09AM +0200, Peter Lieven wrote: > I was thinking if it would be a good idea to zeroize all memory resources on > system reset and > madvise dontneed them afterwards. This would avoid system reset attacks in > case the attacker > has only access to the console of a vServer but not on the physical host and > it would shrink > RSS size of the vServer siginificantly.
I wonder if you'll hit weird OS installers or PXE clients that rely on stashing stuff in memory across reset. Stefan