Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-21503

Update SecureAllocator to use MADV_DONTDUMP

XMLWordPrintableJSON

    • Type: Icon: Improvement Improvement
    • Resolution: Done
    • Priority: Icon: Major - P3 Major - P3
    • 3.3.11
    • Affects Version/s: 3.2.0-rc2
    • Component/s: Internal Code, Security
    • None
    • Fully Compatible
    • Platforms 2016-08-26

      MADV_DONTDUMP is an option to madvise that prevents regions of memory from showing up in core dumps.

      We should change SecureAllocator to set this option for the pages it maps on linux, because otherwise users have to disable core dumps, otherwise they risk dumping their "secure data" to disk during a crash.

            Assignee:
            waley.chen Waley Chen
            Reporter:
            mira.carey@mongodb.com Mira Carey
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: