From owner-freebsd-hackers Thu Oct 17 15:05:09 1996 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id PAA03208 for hackers-outgoing; Thu, 17 Oct 1996 15:05:09 -0700 (PDT) Received: from sovcom.kiae.su (sovcom.kiae.su [193.125.152.1]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id PAA03203; Thu, 17 Oct 1996 15:05:03 -0700 (PDT) Received: by sovcom.kiae.su id AA14191 (5.65.kiae-1 ); Fri, 18 Oct 1996 01:00:23 +0300 Received: by sovcom.KIAE.su (UUMAIL/2.0); Fri, 18 Oct 96 01:00:23 +0300 Received: (from ache@localhost) by nagual.ru (8.7.6/8.7.3) id BAA00344; Fri, 18 Oct 1996 01:57:35 +0400 (MSD) Message-Id: <199610172157.BAA00344@nagual.ru> Subject: Re: cvs commit: src/lib/libc/db/hash hash_buf.c In-Reply-To: <199610172004.WAA11623@gvr.win.tue.nl> from "Guido van Rooij" at "Oct 17, 96 10:04:45 pm" To: guido@gvr.win.tue.nl (Guido van Rooij) Date: Fri, 18 Oct 1996 01:57:34 +0400 (MSD) Cc: thorpej@nas.nasa.gov, phk@critter.tfs.com, guido@freebsd.org, freebsd-hackers@freebsd.org, tech-userlevel@netbsd.org From: "=?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?=" (Andrey A. Chernov) Organization: self X-Class: Fast X-Mailer: ELM [version 2.4ME+ PL28 (25)] Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > > > > bzero'ing a hash buffer is not a complete solution to the problem, > > since the process may contain other potentially sensitive data > > in its address space. What you really want to do is protect > > the cores. > > I consider it as a bad move too and performance degradation. Why only DB? Why you don't automatically clear stack too? :-) Passwords can be stored anywhere in the application, and it is per-application task to clear sensetive data anywhere. Please, back out this change. > And what about a user attaching a debugger to a running ftpd... He must be root for that. -- Andrey A. Chernov http://www.nagual.ru/~ache/