On Fri, Apr 25, 2008 at 11:36:40AM +0400, Alexander Bokovoy wrote: > Here we have non-equal behavior. Previously, the mountpassword content > was zeroed before freeing it due to security reasons. As
Ah. Looking more carefully I am right and you are wrong. There is no security benefit in zeroing out the password here. It's before a free, so just free it. > mount_cifs_usage() could be called multiple times (its call is in the > getopt_long()'s loop) and, particulary, after password has been filled > in, mountpassword's memory could still keep the password. Thus, memset() > is still needed. So what if the discarded memory holds the password ? No one but root has access to the memory space and root has access to the password anyway. This is "voodoo" security - has no benefit. Jeremy.
