Re: Password security question

Поиск
Список
Период
Сортировка
От mlw
Тема Re: Password security question
Дата
Msg-id 3DFF55AB.8010706@mohawksoft.com
обсуждение исходный текст
Ответ на Password security question  ("Christopher Kings-Lynne" <chriskl@familyhealth.com.au>)
Ответы Re: Password security question  (Greg Copeland <greg@CopelandConsulting.Net>)
Список pgsql-hackers
Дерево обсуждения 

Christopher Kings-Lynne wrote:

>Hi guys,
>
>Just a thought - do we explicitly wipe password strings from RAM after using
>them?
>
>I just read an article (by MS in fact) that illustrates a cute problem.
>Imagine you memset the password to zeros after using it.  There is a good
>chance that the compiler will simply remove the memset from the object code
>as it will seem like it can be optimised away...
>
>Just wondering...
>
>Chris
>  
>
Could you post that link? That seems wrong, an explicit memset certainly 
changes the operation of the code, and thus should not be optimized away.

>  
>

В списке pgsql-hackers по дате отправления:

Предыдущее
От: mlw
Дата:
Сообщение: Re: Suggestion; "WITH VACUUM" option
Следующее
От: Greg Copeland
Дата:
Сообщение: Re: Password security question