KPasswordEdit patch (was Re: new widgets...)
Ryan Cumming
ryan at completely.kicks-ass.org
Fri Sep 27 10:44:52 BST 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On September 27, 2002 02:39, Thomas Zander wrote:
> As a sidenote; not all implementations of malloc zero-fill the memory
> before returning it; therefor _any_ user can grab all memory which is free
> in the system and search for passwords, even of passwords of other users.
Linux (and any other -sane- kernel) zeroes pages allocated by user space. So
even if your malloc(3) implementation isn't zeroing memory, sbrk(2) and
mmap(2) sure are.
- -Ryan
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)
iD8DBQE9lCiZLGMzRzbJfbQRAr/4AJ0eVVE+mgCT0msesp0SnHW9FwSBhgCfSFDf
JuRy4dhOiCUn3Xr6e1oyO+4=
=t6ZM
-----END PGP SIGNATURE-----
More information about the kde-core-devel
mailing list