KPasswordDialog
Olivier Goffart
ogoffart at tiscalinet.be
Fri Nov 5 20:27:33 GMT 2004
Le Vendredi 5 Novembre 2004 01:19, Brad Hards a écrit :
> On Fri, 5 Nov 2004 11:06 am, Ingo Klöcker wrote:
> > The other threat is that passwords are written to the swap partition.
> > This can only be countered by using mlock'ed char* memory. mlocking
> > QString is impossible (unless you or Qt writes QSecureString).
>
> QCA 2 will have a QSecureArray, which uses mlock() if available, else uses
> mmap to a file which is then unlinked, and overwritten on exit.
> See
> http://webcvs.kde.org/cgi-bin/cvsweb.cgi/kdesupport/qca/src/qca_tools.cpp?r
>ev=1.12;content-type=text%2Fx-cvsweb-markup for the implementation.
pinentry-qt has also a fork QString to create a secure QSecString
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20041105/adb030a2/attachment.sig>
More information about the kde-core-devel
mailing list