[liboobs] Ensure passwords are erased from memory



commit 51139d291679ce84db34166d8823f22d700aa51a
Author: Milan Bouchet-Valat <nalimilan club fr>
Date:   Sun Feb 7 11:58:42 2010 +0100

    Ensure passwords are erased from memory
    
    We need to ensure clear text passwords for users and groups don't stay forever in memory. This means we erase them as soon as objects are committed, and on finalize() in case objects have not been committed. One drawback could be that a failed commit can't be reproduced without re-setting the password field, but no clients should rely on that behavior.

 oobs/oobs-group.c |   11 ++++++++++-
 oobs/oobs-user.c  |   11 ++++++++++-
 2 files changed, 20 insertions(+), 2 deletions(-)
---
diff --git a/oobs/oobs-group.c b/oobs/oobs-group.c
index 822c83a..6c68de4 100644
--- a/oobs/oobs-group.c
+++ b/oobs/oobs-group.c
@@ -256,13 +256,16 @@ oobs_group_finalize (GObject *object)
   if (priv)
     {
       g_free (priv->groupname);
-      g_free (priv->password);
 
       g_list_foreach (priv->usernames, (GFunc) g_free, NULL);
       g_list_free (priv->usernames);
 
       g_list_foreach (priv->users, (GFunc) g_object_unref, NULL);
       g_list_free (priv->users);
+
+      /* Erase password field in case it's not done */
+      memset (priv->password, 0, strlen (priv->password));
+      g_free (priv->password);
     }
 
   if (G_OBJECT_CLASS (oobs_group_parent_class)->finalize)
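Review bot: `strlen (priv->password)` in the added erase step has no NULL check, so if the field can be NULL (for example a group whose password was never set) finalize now dereferences NULL, where the old bare `g_free` was safe. Guard it, e.g. `if (priv->password) memset (priv->password, 0, strlen (priv->password));`. A `memset` immediately followed by `g_free` is also a dead store that an optimizing compiler may remove, so the wipe should go through something it cannot elide, such as a small helper writing through a `volatile char *`, or `explicit_bzero` where the platform provides it. Both points apply equally to the added lines in oobs_user_finalize and in the two commit functions. The body of oobs_group_finalize starts and ends outside this hunk.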
@@ -345,12 +348,18 @@ _oobs_create_dbus_struct_from_group (OobsGroup       *group,
 static void
 oobs_group_commit (OobsObject *object)
 {
+  OobsGroupPrivate *priv;
   DBusMessage *message;
   DBusMessageIter iter;
 
   message = _oobs_object_get_dbus_message (object);
   dbus_message_iter_init_append (message, &iter);
   _oobs_create_dbus_struct_from_group (OOBS_GROUP (object), message, &iter);
+
+  /* Erase password field as soon as possible */
+  priv = OOBS_GROUP_GET_PRIVATE (OOBS_GROUP (object));
+  memset (priv->password, 0, strlen (priv->password));
+  g_free (priv->password);
 }
 
 /*
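Review bot: `priv->password` still points at freed memory after the added `g_free` in oobs_group_commit, and the new code in oobs_group_finalize then runs `strlen`, `memset` and `g_free` on that same pointer, which is a use-after-free and a double free for every object that was committed. Reset the field right after freeing it, `g_free (priv->password);` followed by `priv->password = NULL;`, and make the erase in finalize conditional on a non-NULL pointer. A second commit on the same object, or any accessor that hands out the field, would presumably hit the stale pointer as well, though those paths are outside this hunk. oobs_user_commit and oobs_user_finalize have the identical pattern.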
diff --git a/oobs/oobs-user.c b/oobs/oobs-user.c
index b48e30b..03bddaf 100644
--- a/oobs/oobs-user.c
+++ b/oobs/oobs-user.c
@@ -435,7 +435,6 @@ oobs_user_finalize (GObject *object)
   if (priv)
     {
       g_free (priv->username);
-      g_free (priv->password);
       g_free (priv->homedir);
       g_free (priv->shell);
       g_free (priv->full_name);
@@ -447,6 +446,10 @@ oobs_user_finalize (GObject *object)
 
       if (priv->main_group)
 	g_object_unref (priv->main_group);
+
+      /* Erase password field in case it's not done */
+      memset (priv->password, 0, strlen (priv->password));
+      g_free (priv->password);
     }
 
   if (G_OBJECT_CLASS (oobs_user_parent_class)->finalize)
@@ -611,6 +614,7 @@ create_dbus_struct_from_user (OobsUser        *user,
 static void
 oobs_user_commit (OobsObject *object)
 {
+  OobsUserPrivate *priv;
   DBusMessage *message;
   DBusMessageIter iter, struct_iter;
 
@@ -620,6 +624,11 @@ oobs_user_commit (OobsObject *object)
   dbus_message_iter_open_container (&iter, DBUS_TYPE_STRUCT, NULL, &struct_iter);
   create_dbus_struct_from_user (OOBS_USER (object), message, &struct_iter);
   dbus_message_iter_close_container (&iter, &struct_iter);
+
+  /* Erase password field as soon as possible */
+  priv = OOBS_USER_GET_PRIVATE (OOBS_USER (object));
+  memset (priv->password, 0, strlen (priv->password));
+  g_free (priv->password);
 }
 
 /*


