This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Re: [PATCH][RFC] Allow explicit shrinking of arena heaps using an environment variable


On 21 July 2012 08:10, Rich Felker <dalias@aerifal.cx> wrote:
> It does not give regular programs extra security. The "security"
> benefit for suid programs is that data freed before the program drops
> privileges has a better chance of being obliterated by the time
> privileges are dropped, at which time there's a good possibility that
> the real user who invoked the program might be able to access its
> memory.

Based on the madvise man page (and also comments earlier in the
thread), MADV_DONTNEED also always[1] zeroes pages before subsequent
accesses to them, so isn't the page protection the only additional
action that the overlapping mmap provides? It shouldn't matter when
the pages get zeroed, since from the real user's perspective, they're
zeroed pages.

Regards,
Siddhesh

[1] MADV_DONTNEED
       Do not expect access in the near future.  (For the time being, the
       application is finished with the given range, so the kernel can free
       resources associated with it.)  Subsequent accesses of pages in this
       range will succeed, but will result either in reloading of the memory
       contents from the underlying mapped file (see mmap(2)) or
       zero-fill-on-demand pages for mappings without an underlying file.


-- 
http://siddhesh.in
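
The two behaviours compared in the message above, as an added example that is not part of the original message or of glibc: on Linux, a private anonymous page reads back as zeros after MADV_DONTNEED, while an overlapping mapping additionally makes the range fault on access. It assumes the overlapping mmap is a PROT_NONE, MAP_FIXED mapping over the same range; the function names, LEN and the 0xA5 fill are constructed for illustration.

```c
#define _DEFAULT_SOURCE 1   /* MAP_ANONYMOUS and madvise() under strict -std */
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>
#define LEN 65536           /* constructed size: a multiple of common page sizes */

/* Map a private anonymous region and fill it with a constructed "secret". */
static unsigned char *secret_page(void)
{
    unsigned char *p = mmap(NULL, LEN, PROT_READ | PROT_WRITE,
                            MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    return p == MAP_FAILED ? NULL : memset(p, 0xA5, LEN);
}

/* Number of non-zero bytes readable after MADV_DONTNEED, or -1 on error. */
long residue_after_dontneed(void)
{
    unsigned char *p = secret_page();
    long n = 0;
    if (p == NULL || madvise(p, LEN, MADV_DONTNEED) != 0) return -1;
    for (size_t i = 0; i < LEN; i++) n += (p[i] != 0);  /* reads succeed */
    munmap(p, LEN);
    return n;
}

/* Signal that kills a child reading the range after the overlap, 0 if none, -1 on error. */
int signal_after_overlap_mmap(void)
{
    unsigned char *p = secret_page();
    int st = 0;
    if (p == NULL || mmap(p, LEN, PROT_NONE,
            MAP_PRIVATE | MAP_ANONYMOUS | MAP_FIXED, -1, 0) != (void *)p)
        return -1;
    pid_t pid = fork();
    if (pid == 0) _exit(*(volatile unsigned char *)p);  /* child faults here */
    if (pid < 0 || waitpid(pid, &st, 0) != pid) return -1;
    munmap(p, LEN);
    return WIFSIGNALED(st) ? WTERMSIG(st) : 0;
}

int main(void)
{
    printf("residue=%ld signal=%d (SIGSEGV=%d)\n", residue_after_dontneed(),
           signal_after_overlap_mmap(), SIGSEGV);
    return 0;
}
```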

