[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PROPOSED 0/4] memset_explicit patches

From: Bruno Haible
Subject: Re: [PROPOSED 0/4] memset_explicit patches
Date: Mon, 28 Nov 2022 17:04:11 +0100

Simon Josefsson wrote:
> A general observation is that I'm mixed about offering replacement of
> security-relevant APIs which do not offer the same guarantees as a
> secure implementation.  In these situations, it may actually be
> preferrably to crash or to refuse to build the application, at least by
> default.

I disagree. IMO, security is always done on a best-effort basis. There is
no 100% security.

In the case of memset_explicit, the secret may be present in memory
  - with a working memset_explicit: for 5 microseconds,
  - with a dysfunctional memset_explicit: for 5 seconds.
So, a working memset_explicit provides a 99.9999% protection, at most.
Even with a working memset_explicit, the attacker can halt the CPU at a
particular instruction before the erase (e.g. set a breakpoint at
memset_explicit :-) ), make a dump of the RAM of the process, and analyze it.

Therefore I don't think that an FTBFS or an abort() are justified if the
security guarantees cannot be met.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]