[bitc-dev] nondeterminism and access control

Philipp Klaus Krause pkk at spth.de
Sun Mar 15 19:22:19 EDT 2009


Geoffrey Irving wrote:
> A thought that occurred to me after the discussion of array
> initialization: allowing user access to uninitialized memory opens a
> security hole.  It would become possible to read passwords or other
> sensitive data out of the "uninitialized" memory, which would rule out
> the use of BitC for intraprocess access control setups.  I think this
> is more than enough to kill the idea of an uninitialized allocation
> primitive.
> 
> Geoffrey

Since you want the zeroing done for security reasons: Wouldn't it make
much more sense to zero upon deallocation?

Philipp
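
The two zeroing policies raised in this thread, compared in an added example that is not part of the original messages. A hypothetical one-slot pool stands in for an allocator that reuses freed memory; all names, sizes and the sample secret are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define SLOT_SIZE 32
enum policy { NO_ZERO, ZERO_ON_ALLOC, ZERO_ON_FREE };

static unsigned char pool[SLOT_SIZE];            /* one reusable slot (hypothetical heap) */
static const char secret[] = "hunter2-constructed-password";  /* constructed sample */

/* Zero through a volatile pointer so the stores are not removed as dead
   writes to memory that is about to be released. */
static void scrub(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

static void *pool_alloc(enum policy pol) {
    if (pol == ZERO_ON_ALLOC) scrub(pool, SLOT_SIZE);
    return pool;                                 /* NO_ZERO: contents left as-is */
}

static void pool_free(void *p, enum policy pol) {
    if (pol == ZERO_ON_FREE) scrub(p, SLOT_SIZE);
}

/* Number of secret bytes found at the start of p. */
static size_t matching(const unsigned char *p) {
    size_t n = 0;
    for (size_t i = 0; i < sizeof secret - 1; i++)
        n += (p[i] == (unsigned char)secret[i]);
    return n;
}

/* Secret bytes still sitting in the slot after free, before any reuse. */
static size_t resident_after_free(enum policy pol) {
    scrub(pool, SLOT_SIZE);                      /* known starting state */
    char *a = pool_alloc(pol);
    memcpy(a, secret, sizeof secret);
    pool_free(a, pol);
    return matching(pool);
}

/* Secret bytes readable by the next caller that allocates the slot. */
static size_t visible_to_next_alloc(enum policy pol) {
    resident_after_free(pol);
    return matching(pool_alloc(pol));
}

int main(void) {
    for (int p = NO_ZERO; p <= ZERO_ON_FREE; p++)
        printf("policy %d: resident=%zu visible=%zu\n", p,
               resident_after_free(p), visible_to_next_alloc(p));
    return 0;
}
```

Both zeroing policies hide the old contents from the next allocation; only zero-on-free also clears them from the slot while it sits unused.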


