From owner-freebsd-questions@FreeBSD.ORG Tue Apr 26 09:48:57 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 80B891065679 for ; Tue, 26 Apr 2011 09:48:57 +0000 (UTC) (envelope-from bruce@cran.org.uk) Received: from muon.cran.org.uk (muon.cran.org.uk [IPv6:2a01:348:0:15:5d59:5c40:0:1]) by mx1.freebsd.org (Postfix) with ESMTP id 2388B8FC12 for ; Tue, 26 Apr 2011 09:48:57 +0000 (UTC) Received: from muon.cran.org.uk (localhost [127.0.0.1]) by muon.cran.org.uk (Postfix) with ESMTP id E1C0BE61CC; Tue, 26 Apr 2011 10:48:55 +0100 (BST) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cran.org.uk; h=date:from :to:cc:subject:message-id:in-reply-to:references:mime-version :content-type:content-transfer-encoding; s=mail; bh=iyclz76nCjaS bO8fLC7laYClnUg=; b=wIULovJA2zt9oENCyBqPDld9S5/ocQBQBIN5ex0gY14o cEXd9IgWoHqlZTWL7rkzvo9HTReWu0rXRnhYS47qifys4Oy3uyAsE8LmdVJwLdm6 cDFYsdpEjQzxktQasWgCeME7m5/80gkNay4IQTVGNmTsDWZmip1Cal8RQGx67+s= DomainKey-Signature: a=rsa-sha1; c=nofws; d=cran.org.uk; h=date:from:to :cc:subject:message-id:in-reply-to:references:mime-version :content-type:content-transfer-encoding; q=dns; s=mail; b=btkLBt PepraT6A+b9ILAjG3ozRVt+ziJ1NDW2VcneJoMPOdm8eb5mrAy4lb/1vaYeVy5yE UawGwXpNVoAeYxWDhulPQ73m4uoQT2MDjyIB0YP7vKcK7vd/1j9z9Bx2BaPdNwUW 9PJ8Vy/zXDWuimJga7/uqs+5cryycdc9ug5do= Received: from unknown (188-222-18-231.zone13.bethere.co.uk [188.222.18.231]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by muon.cran.org.uk (Postfix) with ESMTPSA id BA3B4E61C9; Tue, 26 Apr 2011 10:48:55 +0100 (BST) Date: Tue, 26 Apr 2011 10:48:53 +0100 From: Bruce Cran To: RW Message-ID: <20110426104853.00005460@unknown> In-Reply-To: <20110425232908.4104e026@gumby.homeunix.com> References: <20110425151846.0a5359fd@gumby.homeunix.com> <20110425151536.GA61425@stainmore> <20110425175420.GA61811@stainmore> <20110425232908.4104e026@gumby.homeunix.com> X-Mailer: Claws Mail 3.7.8cvs47 (GTK+ 2.16.6; i586-pc-mingw32msvc) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org Subject: Re: Password theft from memory? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 Apr 2011 09:48:57 -0000 On Mon, 25 Apr 2011 23:29:08 +0100 RW wrote: > The reason I thought that heap memory isn't zeroed is from the > discussion of pre-zeroed pages in this article: There's an idlezero task that runs by default (via the vm.idlezero_enable sysctl), zeroing unused pages, but malloc itself doesn't zero memory on demand by default. If you enable the 'Z' malloc.conf(3) option it does, though: Z Each byte of new memory allocated by malloc(), realloc() or reallocf() will be initialized to 0. Note that this initializa- tion only happens once for each byte, so realloc() and reallocf() calls do not zero memory that was previously allocated. This is intended for debugging and will impact performance negatively. -- Bruce Cran