DragonFly BSD
DragonFly users List (threaded) for 2005-03
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

SecureZeroMemory. Security for certain usages.

From: Tsume <tsume@xxxxxxxxxxxxx>
Date: Sat, 05 Mar 2005 10:01:25 -0500

Hello dfusers,

I can understand where Microsoft is coming from
with the usage of deleteing sensitive data in
memory. I've a difficult time explaining it to
people however. Would someone like to explain
in an easier detail why using memset to 0 is bad?

The point is to help prevent sensitive data
from reaching the swapfile and coredumps. However,
I'm having trouble explaining to some people.
Its also a known issue in GCC. There was a fellow
last year who informed and shows examples how the
code acted and they just 'blew him off'.


Thanks in advance,


[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]