Re: [evolution-patches] small patch for security



Looks good. I wonder if we might just always want to clear memory used
by camel for certain objects all the time tho? CamelMimeFilter could
just always clear the backup buffer and such. We could walways clear
memstream objects, etc.

I dunno, just a thought.

Jeff

On Fri, 2004-07-09 at 13:19 +0800, Not Zed wrote:
> 
> As the comment says, this doesn't really make a huge security
> difference, but provides a first-level attempt, and the start of an
> api for it.
> 
> It Just munges memory of decrypted parts after we're finished with
> them, rather than leaving the data around in memory for bugs to
> potentially expose the data.  Of course this doesn't affect any
> mimefilters or gtkhtml data either ...
> 
> (i left the other outstanding camel bug in the diff 'cause i'm lazy)
> 
> -- 
> 
> Michael Zucchi <notzed ximian com>
> 
> Novell's Evolution and Free
> Software Developer
-- 
Jeffrey Stedfast
Evolution Hacker - Novell, Inc.
fejj ximian com  - www.novell.com

Attachment: smime.p7s
Description: S/MIME cryptographic signature



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]