Issue ASACORE-2618 <https://jira.allseenalliance.org/browse/ASACORE-2618>
discusses the fact that AJ_NVRAM_Delete does not clear the memory, making sensitive data vulnerable to access after deletion. I believe adding an AJ_NVRAM_SecureDelete function would satisfy the requirements without adding undue writes to NVRAM every single time delete is called. There are specific places in the TCL code where we would make the Secure call, but we could leave everything else using the original one, which does nothing but mark the NVRAM element id as invalid (much more optimal). Does anyone have any thoughts on this? -Josh *Josh Spain, Director of Engineering, Affinegy* 1705 S. Capital of Texas Hwy, Ste. 310, Austin, TX, 78746 512.535.1700 [email protected] http://affinegy.com
_______________________________________________ Allseen-core mailing list [email protected] https://lists.allseenalliance.org/mailman/listinfo/allseen-core
