help-bash

Re: feature request: use optional memory option code for per process onl


From: Alex fxmbsw7 Ratchev
Subject: Re: feature request: use optional memory option code for per process only memory, on newer linux kernels
Date: Sun, 10 Oct 2021 02:19:27 +0200

besides higher anti-hack measures to a more normal level than none is the only
reason for me writing about it
sorry for disturbing..

On Sun, Oct 10, 2021, 02:16 Kerin Millar <kfm@plushkava.net> wrote:

> On Sun, 10 Oct 2021 01:04:36 +0200
> Alex fxmbsw7 Ratchev <fxmbsw7@gmail.com> wrote:
>
> > On Sun, Oct 10, 2021, 00:56 Greg Wooledge <greg@wooledge.org> wrote:
> >
> > > On Sun, Oct 10, 2021 at 12:51:45AM +0200, Alex fxmbsw7 Ratchev wrote:
> > > > i read in an article vaguely linux just now included a memory code option
> > > > for 'memory accessible only by process' or similar
> > > > could you please utilize it
>
> Note that this is the wrong list for feature requests.
>
> > >
> > > Can you give us more details about this -- a URL that describes this
> > > new feature?  Or even its name, so we could Google it?
> > >
> >
> > i sadly can't find any hint about it in my bookmarks or history, i think
> > google's bug that is
> > i think it was in the news about release notes for 5.14
> > it was a BIG_CASE mem tag flag to use
>
> Ah. You are probably thinking of what became the memfd_secret(2) syscall.
>
> >
> > [for 5.16 futex2 may be scheduled, good for ipc]
> >
> > > > How does this differ from memory that's allocated the old-fashioned way?
> > >
> >
> > it just as far i read but may not be limited to, mark allocated memory by
> > kernel interface only accessible by own process ( dunno if it's just that )
> > that makes the whole sound more secure
> > i'd use it everywhere
>
> Would you, though? It seems like a case of putting the cart before the
> horse.
>
> > but yea i dunno, there are no benefits for syses without this feature
> > but i think it's a very major feature coding facilities shouldn't miss
> >
> > > > How would you propose that bash make use of it?  What benefits does it
> > > offer?  What would bash do on other platforms where this feature does
> > > not exist?
> > >
> >
> > i dunno either how it would be implemented, and dunno if for all or just parts
> > user specified
> > 'own_map' or something
>
> You would need to address the question of what sort of information bash
> deals with that is so important that it is worth protecting from the kernel
> itself. The only candidate that I can think of is the history buffer. Keep
> in mind that the feature is unusable unless the kernel is loaded with the
> secretmem_enable=1 parameter, in which case hibernation becomes impossible.
> Being an opt-in feature makes it harder to argue that it is worth
> supporting as a platform-specific feature except where there is a distinct
> benefit, such as in the handling of cryptographic keys.
>
> --
> Kerin Millar
>
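
The portability question raised in the thread (what a program does where memfd_secret(2) is missing or secretmem is not enabled), as an added example that is not part of the original messages and not bash code. The names secret_buf, secret_alloc and secret_free are hypothetical; the fallback to mlock'd anonymous memory is one possible choice, not something the thread proposes.

```c
/* Added example; secret_buf, secret_alloc and secret_free are hypothetical names. */
#define _GNU_SOURCE
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/syscall.h>
#include <unistd.h>
enum backing { BACKING_NONE, BACKING_SECRETMEM, BACKING_MLOCKED };
struct secret_buf { void *ptr; size_t len; enum backing how; };
/* Returns 0 on success and records which kind of memory backs the buffer. */
static int secret_alloc(struct secret_buf *b, size_t len)
{
    b->ptr = MAP_FAILED; b->len = len; b->how = BACKING_NONE;
#ifdef SYS_memfd_secret
    /* Fails (e.g. ENOSYS) on kernels without the syscall or with secretmem off. */
    int fd = (int)syscall(SYS_memfd_secret, 0);
    if (fd >= 0) {
        if (ftruncate(fd, (off_t)len) == 0)   /* size must be set before mmap */
            b->ptr = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
        close(fd);                            /* the mapping keeps the memory alive */
        if (b->ptr != MAP_FAILED) { b->how = BACKING_SECRETMEM; return 0; }
    }
#endif
    /* Fallback: ordinary private memory, kept out of swap and core dumps. */
    b->ptr = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (b->ptr == MAP_FAILED) return -1;
    (void)mlock(b->ptr, len);                 /* best effort; may hit RLIMIT_MEMLOCK */
    (void)madvise(b->ptr, len, MADV_DONTDUMP);
    b->how = BACKING_MLOCKED;
    return 0;
}

/* Overwrite the contents before unmapping so nothing lingers in freed pages. */
static void secret_free(struct secret_buf *b)
{
    volatile unsigned char *p = b->ptr;
    for (size_t i = 0; i < b->len; i++) p[i] = 0;
    munmap(b->ptr, b->len);
    b->ptr = MAP_FAILED; b->how = BACKING_NONE;
}

int main(void)
{
    struct secret_buf b;
    if (secret_alloc(&b, 4096) != 0) { perror("secret_alloc"); return 1; }
    memcpy(b.ptr, "constructed-sample-key", 23);  /* constructed sample secret */
    printf("backing: %s\n", b.how == BACKING_SECRETMEM ? "memfd_secret" : "mlocked anonymous");
    secret_free(&b);
    return 0;
}
```

The recorded backing lets a caller log or refuse the weaker fallback when the data, such as a cryptographic key, warrants it.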

