Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-21503

Update SecureAllocator to use MADV_DONTDUMP

    XMLWordPrintableJSON

Details

    • Icon: Improvement Improvement
    • Resolution: Done
    • Icon: Major - P3 Major - P3
    • 3.3.11
    • 3.2.0-rc2
    • Internal Code, Security
    • None
    • Fully Compatible
    • Platforms 2016-08-26

    Description

      MADV_DONTDUMP is an option to madvise that prevents regions of memory from showing up in core dumps.

      We should change SecureAllocator to set this option for the pages it maps on linux, because otherwise users have to disable core dumps, otherwise they risk dumping their "secure data" to disk during a crash.

      Attachments

        Activity

          People

            waley.chen Waley Chen
            mira.carey@mongodb.com Mira Carey
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: