[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: Re: KPasswordDialog
From: Brad Hards <bradh () frogmouth ! net>
Date: 2004-11-05 0:19:21
Message-ID: 200411051119.27475.bradh () frogmouth ! net
[Download RAW message or body]
On Fri, 5 Nov 2004 11:06 am, Ingo Klöcker wrote:
> The other threat is that passwords are written to the swap partition.
> This can only be countered by using mlock'ed char* memory. mlocking
> QString is impossible (unless you or Qt writes QSecureString).
QCA 2 will have a QSecureArray, which uses mlock() if available, else uses
mmap to a file which is then unlinked, and overwritten on exit.
See
http://webcvs.kde.org/cgi-bin/cvsweb.cgi/kdesupport/qca/src/qca_tools.cpp?rev=1.12;content-type=text%2Fx-cvsweb-markup
for the implementation.
Brad
[Attachment #3 (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic