[erlang-questions] Erlang VM: how clean is our memory?

Alex Arnon alex.arnon@REDACTED
Thu Apr 28 14:21:33 CEST 2011 

Like this, for instance (presentation from 2004, many additions made since
then :) ): http://www.openbsd.org/papers/auug04/index.html
Zeroed pages (common for all BSDs, I think) are created in the background by
the kernel. It always ensures that sbrk() and equivalent will provide the
user process with a zeroed-out page.
All these "tricks" make OpenBSD somewhat heavier, but very very secure by
default.


On Thu, Apr 28, 2011 at 12:44 PM, Angel Alvarez <clist@REDACTED> wrote:

> El Jueves, 28 de Abril de 2011 10:46:59 Alex Arnon escribió:
> > Hi All,
> >
> > We've recently been discussing the security of OS and VM stacks here, and
> > several questions came up with regards to the Erlang VM. Specifically,
> the
> > values of "new" and "old" memory.
> > As an example, take the OpenBSD Unix-like OS. These guys are fanatics for
> > security, and take various steps to ensure that the system is as
> unbreakable
> > as possible, and in the event of breakage - to make life hard (if not
> > impossible) for the intruder.
> > This includes:
> > - Randomization of integer handles, e.g. accepted socket ports.
> > - Randomization of memory mapping location, e.g. DLLs (SO) will be loaded
> in
> > random locations in memory.
>
> I thougth that the famous kdeinit trick make kde apps inherit all kde libs
> at the same memory mapping to save pages
>
> How does this stuff behave on OpenBSD?
>
> > - Newly mapped memory pages are always zeroed before attachment to a
> > process's virtual space.
> > - Swap can be encrypted, or zeroed, on the fly.
> > - The memory allocator also zeroes out freed space.
> >
> > In the context of the Erlang BEAM VM, we're interested in the contents of
> > memory. What happens, for instance, when:
> > - A process is garbage collected.
> > - A process is terminated.
> > Are the memory locations that have been "cleaned", zeroed out? Is it is,
> is
> > it possible to control it?
> >
> >
> > Regards,
> > Alex.
> >
>
>
>
> --
> Este correo no tiene dibujos. Las formas extrañas en la pantalla son
> letras.
> __________________________________________
>
>  Clist UAH a.k.a Angel AT uah DOT es
>
>  Angel Alvarez , Servicios Informáticos
>  Edificio Torre de Control, Campus Externo UAH
>  Alcalá de Henares 28806, Madrid
>                            ** ESPAÑA **
> __________________________________________
> Hoy no has conseguido la iluminación divina. No importa mañána será otro
> día...
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://erlang.org/mailman/listinfo/erlang-questions
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20110428/ffbdb1f7/attachment.htm>

More information about the erlang-questions mailing list