We Fixed The Glitch

Ranting about software that sucks.
Apr 08

Secure Programming Books Aren’t Necessarily Correct

So I downloaded a batch of coding books from teh ol’ pirate bay. I was flipping through “Secure Programming Cookbook for C and C++”. I came across:

1.9 Disabling Memory Dumps in the Event of a Crash.

Here is an excerpt:

1.9.1 Problem

Your application stores potentially sensitive data in memory, and you want to prevent this data from being written to disk if the program crashes, because local attackers might be able to examine a core dump and use that information nefariously.

1.9.2 Solution
On Unix systems, use setrlimit( ) to set the RLIMIT_CORE resource to zero…

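#include <sys/types.h>
#include <sys/time.h>
#include <sys/resource.h>

void spc_limit_core(void) {
    struct rlimit rlim;

    /* Soft and hard core-file size limits both set to zero. */
    rlim.rlim_cur = rlim.rlim_max = 0;
    setrlimit(RLIMIT_CORE, &rlim);
}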

OK, let me bust this myth and provide some insight!

Yes, all of this is true. However, I can simply recompile my kernel with the following in sys/resource:


int setrlimit(int resource, const struct rlimit *rlim)
{
    /* Success */
    return 0;
}

… and core dump the process, oh snap!
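
As an added example (not from this post or from the book): a variant of the recipe that checks the return value and reads the limit back with getrlimit(), so a setrlimit() that reports success without storing anything is noticed. The name limit_core_checked is hypothetical, the prctl(PR_SET_DUMPABLE) step is Linux-only, and the read-back assumes getrlimit() itself answers honestly.

```c
#include <stdio.h>
#include <sys/types.h>
#include <sys/time.h>
#include <sys/resource.h>
#ifdef __linux__
#include <sys/prctl.h>
#endif

/* Hypothetical helper (not from the book): disable core dumps and confirm
 * the limit really changed. Returns 0 on success, -1 on any failure. */
int limit_core_checked(void) {
    struct rlimit want = { 0, 0 };
    struct rlimit got;

    /* The book's recipe ignores this return value; here a failure is fatal. */
    if (setrlimit(RLIMIT_CORE, &want) != 0)
        return -1;

    /* Read the limit back: a setrlimit() that reports success without
     * storing anything leaves the old values visible here. */
    if (getrlimit(RLIMIT_CORE, &got) != 0)
        return -1;
    if (got.rlim_cur != 0 || got.rlim_max != 0)
        return -1;

#ifdef __linux__
    /* Linux only: clear the dumpable flag as a second, independent control,
     * then confirm the kernel reports the process as not dumpable. */
    if (prctl(PR_SET_DUMPABLE, 0, 0, 0, 0) != 0)
        return -1;
    if (prctl(PR_GET_DUMPABLE, 0, 0, 0, 0) != 0)
        return -1;
#endif
    return 0;
}

int main(void) {
    /* Fail closed: do not touch sensitive data if the controls did not apply. */
    if (limit_core_checked() != 0) {
        fprintf(stderr, "core dumps could not be disabled; refusing to load secrets\n");
        return 1;
    }
    puts("core dumps disabled and verified");
    return 0;
}
```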

So, word to the wise: whenever dealing with sensitive data, encrypt your buffers so that while they are sitting around they will not get snatched!

AES 256 is a good start; it’s fast and secure so long as you take care of your inits, padding and, most important, your key!

-glitch