[gnutls-help] secure deallocation?

[Olaf Till]

On Fri, Jun 12, 2015 at 04:36:23PM +0200, Nikos Mavrogiannopoulos wrote:
> On Fri, Jun 12, 2015 at 11:24 AM, Olaf Till <i7tiol at t-online.de> wrote:
> > Dear all,
> > can someone tell me the reason why gnutls_global_set_mem_functions()
> > isn't supported anymore? I might be wrong, but as I see it such a
> > functionality is needed, at least in my application:
> > I've based a plugin for parallel command execution in a cluster on
> > gnutls with SRP. Both client and server machines hold a cleartext
> > password in memory allocated by gnutls. Since gnutls just uses free(),
> > the password is not zeroed before deallocation. To my understanding,
> > after the client or server program exits, other users on these
> > machines have a chance to have the password in memory they allocate
> > which was previously allocated and freed by gnutls.
> 
> In modern operating systems such as Linux pages are zeroized before they
> are passed to other applications so this is not really a threat. The
> threat remains
> however when you have bugs like heartbleed and arbitrary memory areas are
> exposed. For that, since gnutls 3.3.x sensitive memory areas are overwritten by
> gnutls itself when needed (the focus with that change was mostly the FIPS140-2
> related algorithms so an audit in the SRP code may be needed).

Ok, thanks for the information. In particular I wasn't aware that
Linux zeroizes passed pages.

Regards, Olaf

-- 
public key id EAFE0591, e.g. on x-hkp://pool.sks-keyservers.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: </pipermail/attachments/20150612/a50d8a31/attachment-0001.sig>