Secure Passwords in Memory
David M. Cooke
cookedm at physics.mcmaster.ca
Sat Sep 30 22:56:02 EDT 2000
At some point, "Eric Gillespie, Jr." <epg at progenylinux.com> wrote:
> On Sun, Oct 01, 2000 at 10:56:49AM +1300,
> matt <matt at virtualspectator.com> wrote:
>
> > Are you worried about someone snooping all your memory, or just
> > having access to the core dump of a python process? If it is the
> > latter, then it's nicer to catch termination signals and quit
> > nicely.
>
> I'm worried about memory.
How is someone who isn't root going to snoop all memory? I would be
more worried about core files.
I believe, in the development of Linux, when /proc/kmem was introduced
(it's basically a virtual file of all memory) there was a discussion
about someone using it to snoop on passwords, especially the root
password. Alan Cox stopped the discussion by pointing out that only
root could access /proc/kmem, so what was the problem? Admittedly, you
should still zero out passwords :-)
If you eventually write a C module, you might want to look at
the mlock(2) call, which locks a region in memory, so it isn't
swapped. However, only root can use this, limiting it's utility.
--
|>|\/|<
----------------------------------------------------------------------------
David M. Cooke
cookedm at mcmaster.ca
More information about the Python-list
mailing list