Comments (7)
here is the source code to gcore from gdb
https://github.com/bminor/binutils-gdb/blob/master/gdb/gcore.c
from secrets.
Was this built in --release
mode? We call setrlimit
to set the hard limit for RLIMIT_CORE
to 0
in non-debug builds.
from secrets.
It looks like gcore
ignores setrlimit
. I'm not sure there's anything this (or any) library can do about a user that has root
and can probe memory directly.
from secrets.
Was this built in
--release
mode? We callsetrlimit
to set the hard limit forRLIMIT_CORE
to0
in non-debug builds.
Yes it was build with --release.
I was looking for a way to protect secrets inside docker containers, guess that is a really hard one.
from secrets.
FWIW, libsodium
recently added an mshield
function that performs in-memory encryption. When that is stabilized and released, I'll be able to use it.
Of course, anyone with similar privileges can still find the key and IV in memory and decrypt the secret, but it does increase the level of effort for such an attach.
from secrets.
But yeah, fundamentally there's not much that can be done to protect against a user with root
who can read arbitrary memory. Page-level protections like mprotect
only affect the process' address space.
The main intent here is to protect against in-process bugs like those that resulted in heartbleed.
Closing since there's not much that can be done here, but when libsodium
does release a version with mshield
, I will use it for secrets allocated on the heap.
from secrets.
thanks
from secrets.
Related Issues (14)
- Relicense under dual MIT/Apache-2.0 HOT 4
- SIGSEGV on SecretVec::zero() HOT 4
- Any plans to add protection against Specte? HOT 1
- Trouble compiling on OpenBSD HOT 5
- any updates on using libsodium mshild HOT 3
- Question about linkage HOT 1
- Support linking with vcpkg on Windows
- Pure Rust implementation of libsodium/utils HOT 8
- How do I handle Strings combined with Secret(Box)? HOT 1
- `bool` and `char`'s `Bytes` implementations cause undefined behavior.
- How do I create a SecretVec which length is unknown? HOT 1
- Why do you assert! if the thread is panicking in your `Drop` implementation?
- Keep sensitive data in binary
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from secrets.