KPasswordDialog / KPasswordEdit

Stefan Teleman steleman at
Sun Jan 15 07:17:09 GMT 2006

On Saturday 14 January 2006 16:44, Brad Hards wrote:
> Justin Karneges and I have done some work on a QSecureArray class (closer
> to the Qt4 QByteArray than to QString, but perhaps appropriate for this
> purpose) in QCA. The implementation uses mlock() or mmap() to avoid
> swapping the passwords out.

- mmap()'ed memory gets swapped out -- actually, memory pages reserved for 
mmap(2) are allocated on swap, unless MAP_NORESERVE is passed to mmap(2), in 
which case the caller is responsible for creating a shared memory region for 
the memory-mapped pages, previous to calling mmap(2), and passing the 
properly aligned address of the start of the memory region as the first 
argument to mmap(2)
- mlock(3C) does not guarantee that the memory region being locked will not be 
implicitly unlocked and swapped out (unless the previous applies)

the only kind of memory which is guaranteed not to be swapped out is shared 
memory created by shmget(2) and shmat(2). however, most systems impose a 
lower bound limit on the minimum size of a shared memory segment (1MB) which 
is impractical for storing a password.


Stefan Teleman          'Nobody Expects the Spanish Inquisition'
steleman at                          -Monty Python

More information about the kde-core-devel mailing list