On 16 May 2017 at 19:21, teor teor2345@gmail.com wrote:
> Even worse: can an exploit read this file to find out the memory layout?
> (I think the answer is: yes, but it doesn't matter, because it would have to run arbitrary code to read the file. Maybe.)
My attitude towards this, and what I requested of the selfrando team for Mozilla's investigation, is that the seed/layout be written to disk and erased from memory. An attacker who gets an information disclosure could steal the seed from memory otherwise and undo the protection. Arbitrary file reads are less common than infoleaks. (And we want to keep the mapping around for debugging crashes.)
-tom