Date: Thu, 17 Oct 1996 22:04:45 +0200 (MET DST) From: guido@gvr.win.tue.nl (Guido van Rooij) To: thorpej@nas.nasa.gov Cc: phk@critter.tfs.com, guido@freebsd.org, freebsd-hackers@freebsd.org, tech-userlevel@netbsd.org Subject: Re: cvs commit: src/lib/libc/db/hash hash_buf.c Message-ID: <199610172004.WAA11623@gvr.win.tue.nl> In-Reply-To: <199610171900.MAA06276@lestat.nas.nasa.gov> from Jason Thorpe at "Oct 17, 96 12:00:53 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> > bzero'ing a hash buffer is not a complete solution to the problem, > since the process may contain other potentially sensitive data > in its address space. What you really want to do is protect > the cores. > And what about a user attaching a debugger to a running ftpd... -Guido
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199610172004.WAA11623>