It would be *very* insecure. Any root-level program could pick up that password very easily just by examining /dev/kmem. Why would you want to store that password for the life of a program anyway? It's standard procedure for programs that accept passwords to forget them immediately after receiving them and doing the authentication. --Jason On Tue, 2002-11-05 at 00:41, Jacob Perkins wrote: > How (in)secure would it be to have a static gchar that would save a > plaintext password? The gchar would start off null, but could later > contain a password, and is static for the life of the app. Is there a > better way to do this? -- Jason A. Pfeil pfeil 10East com Senior Open Systems Engineer http://www.10East.com 10East, Inc. (904)220-DOCS
Attachment:
signature.asc
Description: This is a digitally signed message part