On Sun, Apr 12, 2015 at 01:07:10AM +0200, jvoisin wrote: > Hello, > while playing with compiler optimization and reading the norm to write a > nice wipe_memory(char* mem, size_t len) function, I stumbled upon issue > 23[1]. It seems that libgcrypt can now provide secure memory to > application running as non-root. What about using this in libotr instead > of a custom implementation? > > I pushed a patch on the `secmem` branch, that you can find attached to > this mail.
What happens if you try to compile/run this with an earlier version of libgcrypt than 2.6.7? Should there be a compile-time/run-time check? > + /* Initialize 32k of secure memory */ > + gcry_control (GCRYCTL_INIT_SECMEM, 32768, 0); I'm a little worried about that explicit number. What happens if it's not big enough? The general idea is of course good; I just want to make sure I understand the implications. Thanks, - Ian _______________________________________________ OTR-dev mailing list OTR-dev@lists.cypherpunks.ca http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
