[SERVER-21503] Update SecureAllocator to use MADV_DONTDUMP Created: 17/Nov/15  Updated: 13/Aug/16  Resolved: 10/Aug/16

Status: Closed
Project: Core Server
Component/s: Internal Code, Security
Affects Version/s: 3.2.0-rc2
Fix Version/s: 3.3.11

Type: Improvement Priority: Major - P3
Reporter: Mira Carey Assignee: Waley Chen
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Backwards Compatibility: Fully Compatible
Sprint: Platforms 2016-08-26
Participants:

 Description   

MADV_DONTDUMP is an option to madvise that prevents regions of memory from showing up in core dumps.

We should change SecureAllocator to set this option for the pages it maps on linux, because otherwise users have to disable core dumps, otherwise they risk dumping their "secure data" to disk during a crash.



 Comments   
Comment by Githook User [ 10/Aug/16 ]

Author:

{u'username': u'WaleyChen', u'name': u'Waley Chen', u'email': u'waleycz@gmail.com'}

Message: SERVER-21503 Update SecureAllocator to use MADV_DONTDUMP
Branch: master
https://github.com/mongodb/mongo/commit/0c342db5f08551253ddd77c1f3d9bbedb9820ee0

Generated at Thu Feb 08 03:57:32 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.