[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: Re: KPasswordEdit patch (was Re: new widgets...)
From: Ryan Cumming <ryan () completely ! kicks-ass ! org>
Date: 2002-09-27 9:44:52
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On September 27, 2002 02:39, Thomas Zander wrote:
> As a sidenote; not all implementations of malloc zero-fill the memory
> before returning it; therefor _any_ user can grab all memory which is free
> in the system and search for passwords, even of passwords of other users.
Linux (and any other -sane- kernel) zeroes pages allocated by user space. So
even if your malloc(3) implementation isn't zeroing memory, sbrk(2) and
mmap(2) sure are.
- -Ryan
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)
iD8DBQE9lCiZLGMzRzbJfbQRAr/4AJ0eVVE+mgCT0msesp0SnHW9FwSBhgCfSFDf
JuRy4dhOiCUn3Xr6e1oyO+4=
=t6ZM
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic