Yuri D'Elia wrote:
> In article <[EMAIL PROTECTED]>,
> Alvin <[EMAIL PROTECTED]> wrote:
>
>> txtPasswd->value("XXXXXXXXXXXXXXXXXXXXXXXX");
>> txtPasswd->value(NULL);
>>
>> By looking at the addresses of the value_ and buffer members, this seems
>> to do the trick.
>
> MMmh. I think horizontal scrolling copies the buffer around in some
> temporary buffers too, so _that_ zeroing would be partial.
>
> Memory is cleared by the OS upon allocation anyway. Memory is also
> copied around the swap too, unless you take measures to force the memory
> to be wired. And then again, if you need to pass the password to another
> process, all that kind of handling is almost pointless. There are too
> many places were your password was actually copied and maybe still
> visible.
>
>> Now that I'm looking at the code again, is this actually correct? Or is
>> there another procedure I should be using instead like storing the the
>> value() as a non-const and manipulating it's contents. Something like:
>
> If you handle the password yourself, in your code only, force memory
> mapping and disable X event handling that could capture keypresses
> (coupled with a special exclusive keyboard driver), _then_ I suggest to
> take some small effort and implement a secure input control yourself :).
Thanks. What the program does is fork a child that exec's in place the mount
command with the appropriate switches. The passphrase is then fed into
mount's stdin.
Once memory swapping, paging, etc. are taken into consideration, the problem
explodes into a very complex solution.
I think I will keep what I have for now and perhaps even remove the buffer
clearing altogether in the future.
Thanks,
--
Alvin
_______________________________________________
fltk mailing list
[email protected]
http://lists.easysw.com/mailman/listinfo/fltk
