Security in Cancel-Lock password handling (secrets.conf)

Russ Allbery eagle at eyrie.org
Mon Oct 4 21:25:39 UTC 2021


Julien ÉLIE <julien at trigofacile.com> writes:

> 1/ Can secrets.conf remain in memory (in a struct) or should it be
> loaded, used, erased with explicit_bzero() and freed for each article
> injection?

In general I'm dubious of the utility of trying to wipe secrets from
memory and Cryptography Engineering generally recommends against bothering
because there are so many ways to fail, but if it's easy enough to do, I
suppose it can't hurt.  (That was the same principle under which I added
the explicit_bzero calls to my pam-krb5 module.)

-- 
Russ Allbery (eagle at eyrie.org)             <https://www.eyrie.org/~eagle/>

    Please send questions to the list rather than mailing me directly.
     <https://www.eyrie.org/~eagle/faqs/questions.html> explains why.
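
The load, use, erase, free cycle from the quoted question, as an added example that is not part of the original message and is not INN's code. It sidesteps three well-known ways a copy of the secret can survive the wipe: a memset() the compiler drops, a stdio buffer, and a realloc() that moves the data. The `struct secret` type and the `secret_*` function names are hypothetical, and the file is treated as an opaque blob rather than parsed as secrets.conf.

```c
#define _DEFAULT_SOURCE 1        /* glibc: expose explicit_bzero() */
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

struct secret { unsigned char *data; size_t len; };   /* hypothetical type */

/* Zero the buffer.  Unlike memset() right before free(), the compiler
   may not drop this call as a dead store. */
void secret_wipe(struct secret *s)
{
    if (s->data != NULL)
        explicit_bzero(s->data, s->len);
}

/* Wipe first, then free, so the allocator never gets the plaintext back. */
void secret_release(struct secret *s)
{
    secret_wipe(s);
    free(s->data);
    *s = (struct secret){ NULL, 0 };
}

/* Load with open()/read() instead of stdio (a FILE buffer would keep a second
   copy we cannot wipe), into one allocation of the final size (realloc() can
   move the data and leave the old block unwiped).  Returns 0 or -1. */
int secret_load(const char *path, struct secret *s)
{
    struct stat st;
    size_t got = 0;
    int fd = open(path, O_RDONLY | O_CLOEXEC);

    *s = (struct secret){ NULL, 0 };
    if (fd < 0)
        return -1;
    if (fstat(fd, &st) == 0 && st.st_size > 0) {
        s->len = (size_t) st.st_size;
        s->data = malloc(s->len);
    }
    while (s->data != NULL && got < s->len) {
        ssize_t n = read(fd, s->data + got, s->len - got);
        if (n <= 0)
            break;               /* short file or read error */
        got += (size_t) n;
    }
    close(fd);
    if (s->data != NULL && got == s->len)
        return 0;
    secret_release(s);           /* wipe any partial read before failing */
    return -1;
}
```

A caller would run secret_load(), use `data`, then secret_release() for each article injection. Copies made by whatever consumes the secret (hash contexts, stack temporaries, swap) are outside what this wipes.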


More information about the inn-workers mailing list