From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gdb-return-28713-listarch-gdb=sources.redhat.com@sourceware.org>
Received: (qmail 874 invoked by alias); 11 Jun 2007 09:32:37 -0000
Received: (qmail 862 invoked by uid 22791); 11 Jun 2007 09:32:36 -0000
X-Spam-Check-By: sourceware.org
Received: from ns2.suse.de (HELO mx2.suse.de) (195.135.220.15)     by sourceware.org (qpsmtpd/0.31) with ESMTP; Mon, 11 Jun 2007 09:32:34 +0000
Received: from Relay2.suse.de (mail2.suse.de [195.135.221.8]) 	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) 	(No client certificate requested) 	by mx2.suse.de (Postfix) with ESMTP id 9EF55215C2; 	Mon, 11 Jun 2007 11:32:27 +0200 (CEST)
From: Andreas Schwab <schwab@suse.de>
To: Oliver Welter <mail@oliwel.de>
Cc: Tavis Ormandy <taviso@sdf.lonestar.org>, gdb@sourceware.org
Subject: Re: How to protect a file from debugging
References: <466D04E1.4010905@oliwel.de> 	<20070611091627.GB8386@sdf.lonestar.org> <466D14D5.4020007@oliwel.de>
X-Yow: Is this where people are HOT and NICE and they give you TOAST for  FREE??
Date: Mon, 11 Jun 2007 09:32:00 -0000
In-Reply-To: <466D14D5.4020007@oliwel.de> (Oliver Welter's message of "Mon\, 11 	Jun 2007 11\:24\:37 +0200")
Message-ID: <je8xaqg7l3.fsf@sykes.suse.de>
User-Agent: Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.97 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-IsSubscribed: yes
Mailing-List: contact gdb-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <gdb.sourceware.org>
List-Subscribe: <mailto:gdb-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/gdb/>
List-Post: <mailto:gdb@sourceware.org>
List-Help: <mailto:gdb-help@sourceware.org>, <http://sourceware.org/ml/#faqs>
Sender: gdb-owner@sourceware.org
X-SW-Source: 2007-06/txt/msg00071.txt.bz2

Oliver Welter <mail@oliwel.de> writes:

> Ok here is what I am planing:
>
> I have an application, lets say a simple text editor, that is used to
> read/write sensitive information.
> Now I start gdb, attach it to the process and call "gcore" which - for
> my understanding - dumps the entire memory of the process to a file. So
> the core dump reveals my secret data.

Why is that a problem?  You are one only reading the same secret data
that you just entered yourself in the editor.

Andreas.

-- 
Andreas Schwab, SuSE Labs, schwab@suse.de
SuSE Linux Products GmbH, Maxfeldstraße 5, 90409 Nürnberg, Germany
PGP key fingerprint = 58CA 54C7 6D53 942B 1756  01D3 44D5 214B 8276 4ED5
"And now for something completely different."