Package: pam-mysql Severity: wishlist Tags: security -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
If you went over trouble of overwriting encrypted password in memory with zeros (pam_mysql.c line 535-537), why don't overwrite plaintext passwords as well? Primoz Bratanic -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) iD8DBQFCepwFHOuqnSwJthERAlAVAKDGjdOpp1pLM8jO86/AIwfpUT485ACgmNU4 x6E05Asnz+E+6znE/uB4cjs= =xVDj -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]