Is Go vulnerable to heap inspection attacks?


Brian

May 7, 2023, 6:35:02 AM
to golang-nuts
I haven't read anything that confirms/denies the existence of this possibility.  Is it worth worrying about, and if so, what can be done to mitigate it?

Ian Lance Taylor

May 8, 2023, 8:48:41 PM
to Brian, golang-nuts
On Sun, May 7, 2023 at 3:35 AM Brian <brian...@gmail.com> wrote:
>
> I haven't read anything that confirms/denies the existence of this possibility. Is it worth worrying about, and if so, what can be done to mitigate it?

Go provides facilities that programs can use to avoid a heap
inspection attack, but in general a program that is not extremely
careful is subject to such an attack. There is an accepted proposal
to make these attacks easier to avoid, but the proposal has not been
implemented: https://go.dev/issue/21865.

Ian
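
An added example, not part of the thread or the Go project's code: one way a program that is not careful leaves a secret on the heap, next to a more careful pattern. The helper names (`wipe`, `leakyAppend`, `withSecret`, `allZero`) and the sample key are hypothetical, and the wipe is best-effort: it clears only the one backing array it is handed.

```go
package main

import (
	"bytes"
	"fmt"
)

// wipe overwrites b in place. Best-effort: it only clears this backing array.
func wipe(b []byte) {
	for i := range b {
		b[i] = 0
	}
}

// leakyAppend (hypothetical) grows a secret past its capacity. append then
// allocates a new backing array and copies the bytes, so wiping only the
// grown slice leaves the original bytes in the old array on the heap.
func leakyAppend(secret []byte) (old, grown []byte) {
	old = secret[:len(secret):len(secret)] // cap == len forces reallocation
	grown = append(old, '!')
	wipe(grown)
	return old, grown
}

// withSecret (hypothetical) reads the secret straight into one buffer with
// spare capacity, never converts it to an immutable string, and wipes the
// whole capacity before returning it for inspection.
func withSecret(size int, fill, use func([]byte)) []byte {
	buf := make([]byte, size, size+16)
	fill(buf)
	buf = append(buf, '!') // fits in spare capacity: same backing array
	use(buf)
	full := buf[:cap(buf)]
	wipe(full)
	return full
}

func allZero(b []byte) bool { return bytes.Count(b, []byte{0}) == len(b) }

func main() {
	key := []byte("constructed-sample-key") // constructed sample value
	old, grown := leakyAppend(key)
	fmt.Println("grown wiped:", allZero(grown), "stale copy remains:", bytes.Contains(old, key))
	left := withSecret(len(key), func(b []byte) { copy(b, key) }, func([]byte) {})
	fmt.Println("single buffer wiped:", allZero(left))
}
```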