Date: Fri, 18 Oct 1996 01:57:34 +0400 (MSD) From: "=?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?=" (Andrey A. Chernov) <ache@nagual.ru> To: guido@gvr.win.tue.nl (Guido van Rooij) Cc: thorpej@nas.nasa.gov, phk@critter.tfs.com, guido@freebsd.org, freebsd-hackers@freebsd.org, tech-userlevel@netbsd.org Subject: Re: cvs commit: src/lib/libc/db/hash hash_buf.c Message-ID: <199610172157.BAA00344@nagual.ru> In-Reply-To: <199610172004.WAA11623@gvr.win.tue.nl> from "Guido van Rooij" at "Oct 17, 96 10:04:45 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> > > > bzero'ing a hash buffer is not a complete solution to the problem, > > since the process may contain other potentially sensitive data > > in its address space. What you really want to do is protect > > the cores. > > I consider it as a bad move too and performance degradation. Why only DB? Why you don't automatically clear stack too? :-) Passwords can be stored anywhere in the application, and it is per-application task to clear sensetive data anywhere. Please, back out this change. > And what about a user attaching a debugger to a running ftpd... He must be root for that. -- Andrey A. Chernov <ache@nagual.ru> http://www.nagual.ru/~ache/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199610172157.BAA00344>