[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #7003 [Core Tor/Tor]: Wipe relay key material from memory on common crash conditions

Subject: Re: [tor-bugs] #7003 [Core Tor/Tor]: Wipe relay key material from memory on common crash conditions
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Sat, 17 Dec 2016 10:24:09 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 17 Dec 2016 05:24:18 -0500
In-reply-to: <049.4889b8577eda13275b52fee7f4519ed6@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <049.4889b8577eda13275b52fee7f4519ed6@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#7003: Wipe relay key material from memory on common crash conditions
-------------------------------------------------+-------------------------
 Reporter:  mikeperry                            |          Owner:
     Type:  enhancement                          |         Status:  new
 Priority:  High                                 |      Milestone:  Tor:
                                                 |  unspecified
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  small-feature, tor-relay, intro,     |  Actual Points:
  tor-03-unspecified-201612                      |
Parent ID:  #5456                                |         Points:  medium
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by cypherpunks):

 How much sensitive material is there? Just a shot in the dark, but perhaps
 the material could be encrypted in order to keep the amount of time it's
 decrypted very short, so all it takes is wiping the master key from memory
 to make the rest of the encrypted sensitive material in memory unreadable.
 When the process is in an undefined state (according to POSIX, `SIGSEGV`
 not induced by `raise(3)` or `kill(2)` puts a process in such a state), it
 would be much easier for it to wipe a single page than it would be to find
 and wipe a time-varying amount of memory in multiple locations.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7003#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #20932 [Core Tor/Tor]: Coding Standards: No changes file for bug fix on unreleased code
Next by Author: Re: [tor-bugs] #10281 [Applications/Tor Browser]: Investigate usage of alternate memory allocators and memory hardening options
Previous by thread: Re: [tor-bugs] #6005 [Applications/Tor Browser]: Secure download of videos from YouTube
Next by thread: Re: [tor-bugs] #16633 [Applications/Tor Browser]: Enable and isolate Firefox connection prediction
Index(es):
- Author
- Thread