Security issue notifications
If you discover a potential security issue in s2n we ask that you notify
AWS Security via our vulnerability reporting page. Please do not create a public github issue.
Problem:
#3670 discovered that FreeBSD doesn't actually define MAP_INHERIT_ZERO but instead define INHERIT_ZERO. We need to cater for that in the code because existence of MAP_INHERIT_ZERO is current a condition for enabling the minherit fork detection method.
See #3670 (comment) for more details.
Solution:
Probably re-factor to a common *BSD definition that can set a single flag depending on existence of MAP_INHERIT_ZERO, INHERIT_ZERO, .... This logic is placed somewhere appropriately.
Requirements / Acceptance Criteria:
Need to verify that fork detection method minherit is running.
Out of scope:
Is there anything the solution will intentionally NOT address?
Security issue notifications
If you discover a potential security issue in s2n we ask that you notify
AWS Security via our vulnerability reporting page. Please do not create a public github issue.
Problem:
#3670 discovered that FreeBSD doesn't actually define
MAP_INHERIT_ZERObut instead defineINHERIT_ZERO. We need to cater for that in the code because existence ofMAP_INHERIT_ZEROis current a condition for enabling theminheritfork detection method.See #3670 (comment) for more details.
Solution:
Probably re-factor to a common
*BSDdefinition that can set a single flag depending on existence ofMAP_INHERIT_ZERO,INHERIT_ZERO, .... This logic is placed somewhere appropriately.Requirements / Acceptance Criteria:
Need to verify that fork detection method
minheritis running.Out of scope:
Is there anything the solution will intentionally NOT address?