Red Hat Bugzilla – Bug 121033
CAN-2004-0177 ext3 infoleak
Last modified: 2007-11-30 17:06:54 EST
Whenever you create a file on an ext3fs filesystem, some amount of other in-memory data, _not_ the file's contents and _not_ something which is present in the same filesystem or which previously was in a file at all, gets written to the device holding the filesystem. Could be a security issue if you have stuff in memory like crypto keys and don't expect them to get stuck on disk (well unless swapped) Issue is a fairly minor severity Reported by Solar Designer of OpenWall on Feb28 Embargo lifted April 14th 2004
An errata has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2004-505.html