KPasswordDialog
Brad Hards
bradh at frogmouth.net
Fri Nov 5 00:19:21 GMT 2004
On Fri, 5 Nov 2004 11:06 am, Ingo Klöcker wrote:
> The other threat is that passwords are written to the swap partition.
> This can only be countered by using mlock'ed char* memory. mlocking
> QString is impossible (unless you or Qt writes QSecureString).
QCA 2 will have a QSecureArray, which uses mlock() if available, else uses
mmap to a file which is then unlinked, and overwritten on exit.
See
http://webcvs.kde.org/cgi-bin/cvsweb.cgi/kdesupport/qca/src/qca_tools.cpp?rev=1.12;content-type=text%2Fx-cvsweb-markup
for the implementation.
Brad
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20041105/9c5f01c3/attachment.sig>
More information about the kde-core-devel
mailing list