[hackers] [slock][patch] clear passwords with explicit_bzero

From: Hiltjo Posthuma <hiltjo_AT_codemadness.org>
Date: Sun, 31 Jul 2016 14:48:42 +0200


As seen on the openbsd-ports mailinglist it brought to my attention we should
explicitly clear passwords for the slock program (memset can be optimized out
by the compiler). I also went a bit further and cleared the buffers for the
last character also.

Credits goes to the OpenBSD community for the reminder.

Let me know what you think or if i've missed something.

Received on Sun Jul 31 2016 - 14:48:42 CEST

This archive was generated by hypermail 2.3.0 : Sun Jul 31 2016 - 15:00:17 CEST