 

Sensitive data in Java heap dumps

I write software that deals with various pieces of sensitive information such as email addresses, passwords and credit card numbers.

When we're having memory trouble, it'd be nice to have the application write a heap dump. Problem is that the heap dump may contain sensitive information in plain text if a thread happens to be working in the area... we don't really want that written to disk when we take such great pains to encrypt it everywhere else.

Are there means of dealing with this such as causing the JVM to write an encrypted dump?

Royce asked Mar 30 '11 06:03



People also ask

What should I analyze in heap dump?

Heap dumps contain a snapshot of all the live objects that are being used by a running Java application on the Java heap. We can obtain detailed information for each object instance, such as the address, type, class name, or size, and whether the instance has references to other objects.

What is difference between thread dump and heap dump?

A thread dump is a dump of the stacks of all live threads. Thus useful for analysing what an app is up to at some point in time, and if done at intervals handy in diagnosing some kinds of 'execution' problems (e.g. thread deadlock). A heap dump is a dump of the state of the Java heap memory.

What are heap dumps in Java?

A heap dump is a snapshot of all the objects in the Java Virtual Machine (JVM) heap at a certain point in time. The JVM software allocates memory for objects from the heap for all class instances and arrays.

Does heap dump contain thread dump?

Yes, some heap dumps contain also thread information. HPROF files from JDK 1.6_20 (I think) and above do so. In MAT you can explore the thread stacks if you open from the query menu "Java Basics" -> "Thread Stacks". From this view you can then navigate also into the local objects of each thread frame.


1 Answer

I've been considering handling this outside of the VM. A naive approach might be to have the JVM write the dump to an encrypted loopback device. Of course this isn't totally secure as anyone with root access can get to the mount point, but this is the sort of solution I'm expecting. I might see if I can set up a FIFO that the JVM ends up writing to. I know the filename that the VM will use, so this might work depending upon how the VM would cope with that. (Later: This doesn't work. The JVM complains with "File exists".)

Using char arrays only mitigates the problem, but it's still possible that the array will contain some plain text at dump time.

Royce answered Oct 28 '22 19:10

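Since the answer notes that char arrays can still hold plain text at dump time, a dump can be checked for card numbers while it is still on the encrypted volume. This is an added example, not part of the original answer: it scans raw bytes rather than parsing HPROF, and the function names, the two assumed text encodings and the sample bytes are constructed for illustration.

```python
import mmap
import re

# Digit runs of card-number length (13-19). Assumption: the dump holds text
# either as 1-byte chars (byte[]-backed strings) or 2-byte UTF-16 chars
# (char[]); matching digits separated by NUL covers both UTF-16 byte orders.
PATTERNS = {
    "1-byte": re.compile(rb"(?<![0-9])[0-9]{13,19}(?![0-9])"),
    "2-byte": re.compile(rb"(?<![0-9]\x00)[0-9](?:\x00[0-9]){12,18}(?!\x00[0-9])"),
}

def luhn_ok(digits):
    """Luhn checksum: filters out most digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def mask(digits):
    """Keep first 6 / last 4 so the report itself never repeats the number."""
    return digits[:6] + "*" * (len(digits) - 10) + digits[-4:]

def scan(data):
    """Return sorted (offset, encoding, masked_number) for each Luhn-valid run."""
    hits = []
    for name, pattern in PATTERNS.items():
        for m in pattern.finditer(data):
            digits = m.group().replace(b"\x00", b"").decode("ascii")
            if luhn_ok(digits):
                hits.append((m.start(), name, mask(digits)))
    return sorted(hits)

def scan_file(path):
    """Scan a dump on disk via mmap, so a multi-gigabyte file is not read into RAM."""
    with open(path, "rb") as f, mmap.mmap(f.fileno(), 0, access=mmap.ACCESS_READ) as mm:
        return scan(mm)

# Constructed sample bytes (not a real HPROF file); 4111111111111111 is a test number.
PAN = "4111111111111111"
CONSTRUCTED_DUMP = (b"JAVA PROFILE 1.0.2\x00card=" + PAN.encode("ascii") + b";"
                    + PAN.encode("utf-16-be") + b"\xff\xff"
                    + PAN.encode("utf-16-le") + b";id=1234567890123456")

if __name__ == "__main__":
    for offset, encoding, masked in scan(CONSTRUCTED_DUMP):
        print(f"offset {offset:#x}  {encoding}  {masked}")
```

A clean result only means no Luhn-valid digit run was found in these two encodings; passwords and email addresses need their own patterns.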