Re: [evolution-patches] small patch for security




Possible, but it would be better to be optional since it isn't free.  Actually now i think about it it should have been a camel-object property.  That way it could be propagated to related objects.

On Fri, 2004-07-09 at 12:05 -0400, Jeffrey Stedfast wrote:
Looks good. I wonder if we might just always want to clear memory used
by camel for certain objects all the time tho? CamelMimeFilter could
just always clear the backup buffer and such. We could walways clear
memstream objects, etc.

I dunno, just a thought.

Jeff

On Fri, 2004-07-09 at 13:19 +0800, Not Zed wrote:
> 
> As the comment says, this doesn't really make a huge security
> difference, but provides a first-level attempt, and the start of an
> api for it.
> 
> It Just munges memory of decrypted parts after we're finished with
> them, rather than leaving the data around in memory for bugs to
> potentially expose the data.  Of course this doesn't affect any
> mimefilters or gtkhtml data either ...
> 
> (i left the other outstanding camel bug in the diff 'cause i'm lazy)
> 
> -- 
> 
> Michael Zucchi <notzed ximian com>
> 
> Novell's Evolution and Free
> Software Developer
--
Michael Zucchi <notzed ximian com>

Novell's Evolution and Free Software Developer


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]