One or more aspects relate to sensitive data protection technology, and more particularly, to protecting sensitive data in a software product to avoid sensitive data leak during core dumps.
Most of the existing operating systems and software products support a core dump mechanism. When a software product crashes during running, the operating system generates a core dump and creates a core dump file. The core dump file saves the data in the memory at the crash point, which helps in troubleshooting. It is understood that the crash problem is very hard to reproduce in the test environment since such problem may depend on some special data of the running environment. The core dump file can truly record the state of the computer's memory when a crash happens. Therefore, the data in the core dump file is very helpful for developers to debug the software product. In many cases, debugging the core dump file is the most efficient method to find out the root causes and accordingly solve the crash problem. In this sense, the core dump mechanism is useful for developing and debugging the software product.
On the other hand, the data in the memory is fully recorded during the core dump process, so the core dump file may contain sensitive data, especially in the case that the software product is for a finance related system or a security related system. When the software product provider requires a core dump file for debugging, the software product user is often concerned about sensitive data leak.
Software product providers, especially some system level software providers, hope to reduce the risk of exposing the sensitive data when the core dump happens. This requires the software product developers to release or remove data structures or data variants associated with sensitive data in the memory.
Some software providers may also provide other methods to help debug different problems. These methods also dump some structures and caches in the memory to a file. For example, some operating systems use a core trace program for problem debugging, which writes some trace entries as defined by the developers to the trace buffer. While the trace is recycled, the content in the trace buffer is formatted to the readable trace report file. In addition, the other software products running on the operating system also use the trace mechanism to dump the data in the memory to readable text files. If the software product user worries about exposure of sensitive data and does not want to provide enough debug data, it will make debugging the problem more difficult or impossible.
So it is desired to protect the sensitive data in the software product, so as to avoid sensitive data leak during the core dump.