From owner-cvs-lib Thu Oct 17 11:42:32 1996 Return-Path: owner-cvs-lib Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id LAA20346 for cvs-lib-outgoing; Thu, 17 Oct 1996 11:42:32 -0700 (PDT) Received: from critter.tfs.com ([140.145.230.177]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id LAA20273; Thu, 17 Oct 1996 11:42:03 -0700 (PDT) Received: from critter.tfs.com (localhost.tfs.com [127.0.0.1]) by critter.tfs.com (8.7.5/8.7.3) with ESMTP id UAA04133; Thu, 17 Oct 1996 20:41:14 +0200 (MET DST) To: Guido van Rooij cc: CVS-committers@freebsd.org, cvs-all@freebsd.org, cvs-lib@freebsd.org Subject: Re: cvs commit: src/lib/libc/db/hash hash_buf.c In-reply-to: Your message of "Thu, 17 Oct 1996 11:27:00 PDT." <199610171827.LAA18832@freefall.freebsd.org> Date: Thu, 17 Oct 1996 20:41:14 +0200 Message-ID: <4131.845577674@critter.tfs.com> From: Poul-Henning Kamp Sender: owner-cvs-lib@freebsd.org X-Loop: FreeBSD.org Precedence: bulk In message <199610171827.LAA18832@freefall.freebsd.org>, Guido van Rooij writes : >guido 96/10/17 11:26:59 > > Modified: lib/libc/db/hash hash_buf.c > Log: > When freeing buffers in the db routines, also zeroize them > This should solve the bug where a coredumping ftpd reveals > encrypted passwords. > Obtained from: OpenBSD Isn't this a pezzimization of rank ? I mean there are many uses of this that do not need this... -- Poul-Henning Kamp | phk@FreeBSD.ORG FreeBSD Core-team. http://www.freebsd.org/~phk | phk@login.dknet.dk Private mailbox. whois: [PHK] | phk@ref.tfs.com TRW Financial Systems, Inc. Future will arrive by its own means, progress not so.