[TALK] Proving fundamental Unix guarantees

Chris Maltby chris at sw.oz.au
Mon Jun 30 17:06:23 EST 2003


On Mon, Jun 30, 2003 at 04:07:14PM +1000, Adam Donnison wrote:
> This might help.
> 
> http://www.cs.princeton.edu/courses/archive/spring02/cs217/lectures/memory.pdf
> 
> As it states, it's always bad form to rely on supposed initial
> values. It is far better to assume all memory that does not
> have a value specifically allocated to it is going to be trash.

While this is a true statement, it is not due to Unix and Linux
systems not initialising global variables but to other software
sometimes described as operating systems.

As others pointed out, the security implications of assigning
pages to a process address space or disk blocks to files without
clearing out their previous contents are unthinkable for most
environments.

A page which is assigned to a process is always initialised to
something - either from the contents of a file or the swap space,
or explicitly to zero if the page is mapped from /dev/zero or the
equivalent (i.e. bss). You _can_ rely on this. The page clearing is
done just before re-assignment in case some other process asks
for the original contents in the meantime, which is why you can
see all sorts of old information if you dig around in /dev/mem.

Static variables which occupy space on the stack are not
explicitly initialised whenever they come into scope unless
you write code to do it. Most C compilers will warn about the
likelihood of such variables being used before they are set.

The original poster's problem sounds like a serious bug in the
_application_ - not the OS...

Chris
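The distinction Chris draws above (bss and /dev/zero-backed pages are guaranteed zero; stack locals are whatever the previous frame left behind) can be checked directly. The following is an added C example, not code from the original thread or from any poster. It assumes Linux with GCC or Clang (for `__attribute__((noinline))`), a readable /dev/zero, and sizes picked to span at least one 4 KiB page; all function names are mine. The stale-byte count from the uninitialised local is an unspecified value that varies with compiler, optimisation level and stack layout; the same probe with an explicit `= {0}` initialiser is the fix and always reports zero.

```c
#define _DEFAULT_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <unistd.h>

#define PAGE 4096        /* assumed page size, used only for sizing */
#define FOOTPRINT 256    /* bytes the "previous" frame scribbles on */

/* No initialiser, so this lands in .bss: the loader backs it with
 * zero-filled anonymous pages, as the post describes. */
static unsigned char bss_buf[PAGE];

static int all_zero(const unsigned char *p, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (p[i] != 0)
            return 0;
    return 1;
}

/* 1. Uninitialised globals: zero by the C standard and by the OS. */
int bss_is_zero(void)
{
    return all_zero(bss_buf, sizeof bss_buf);
}

/* 2. A private mapping of /dev/zero: the kernel hands out zero-filled
 *    pages, never the previous owner's contents.
 *    Returns 1 if all zero, 0 if a nonzero byte was seen, -1 on failure. */
int dev_zero_map_is_zero(void)
{
    size_t len = 2 * PAGE;
    int fd = open("/dev/zero", O_RDONLY);
    if (fd < 0)
        return -1;
    unsigned char *p = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
    close(fd);
    if (p == MAP_FAILED)
        return -1;
    int ok = all_zero(p, len);
    munmap(p, len);
    return ok;
}

/* 3. Heap: calloc promises zeroed memory, malloc promises nothing. */
int calloc_is_zero(void)
{
    unsigned char *p = calloc(1, PAGE);
    if (!p)
        return -1;
    int ok = all_zero(p, PAGE);
    free(p);
    return ok;
}

/* 4. Stack: nothing resets an automatic variable when it comes into scope.
 *    leave_footprint() fills its frame with 'A'; the next call's frame
 *    normally lands on the same stack region. */
static __attribute__((noinline)) void leave_footprint(void)
{
    volatile unsigned char scratch[FOOTPRINT];
    for (size_t i = 0; i < sizeof scratch; i++)
        scratch[i] = 'A';
}

/* Read through a volatile pointer so the indeterminate bytes are
 * actually loaded rather than folded away by the optimiser. */
static __attribute__((noinline)) int count_pattern(const volatile unsigned char *p, size_t n)
{
    int hits = 0;
    for (size_t i = 0; i < n; i++)
        if (p[i] == 'A')
            hits++;
    return hits;
}

static __attribute__((noinline)) int probe_uninitialised(void)
{
    volatile unsigned char probe[FOOTPRINT];        /* the bug: never set */
    return count_pattern(probe, sizeof probe);
}

static __attribute__((noinline)) int probe_initialised(void)
{
    volatile unsigned char probe[FOOTPRINT] = {0};  /* the fix: explicit zero */
    return count_pattern(probe, sizeof probe);
}

/* Stale 'A' bytes visible in an uninitialised local: unspecified, often
 * all FOOTPRINT of them at -O0, possibly fewer or none when optimised. */
int stale_bytes_uninitialised(void)
{
    leave_footprint();
    return probe_uninitialised();
}

/* Same experiment with the local zeroed on entry: always 0. */
int stale_bytes_initialised(void)
{
    leave_footprint();
    return probe_initialised();
}

int main(void)
{
    printf("bss all zero:            %d\n", bss_is_zero());
    printf("/dev/zero map all zero:  %d\n", dev_zero_map_is_zero());
    printf("calloc all zero:         %d\n", calloc_is_zero());
    printf("stale bytes, uninitialised local: %d of %d\n",
           stale_bytes_uninitialised(), FOOTPRINT);
    printf("stale bytes, zeroed local:        %d of %d\n",
           stale_bytes_initialised(), FOOTPRINT);
    return 0;
}
```

Build with `gcc -O0 -Wall` and then with `-O2` to see the stale count change while the three guaranteed cases stay at 1 and the zeroed probe stays at 0; the point is that only the last number is something you may not rely on.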


