Date: prev next · Thread: first prev next last
2012 Archives by date, by thread · List index


I posted a first patch to remove the string anhnilation inside the PDF
import. Better idea to remove this now instead of replacing rtl_zeroMemory
by a memset and remove it. So could you review it, I'm not sure if I can
modify pdf import now or if we want to import modification from Apache.

https://gerrit.libreoffice.org/#/c/489/

Thanks in advance

I plan to propose a string implementation with memory erasure during the
string destruction and with memory locking in RAM if it can be useful.

2012/8/24 Michael Stahl <mstahl@redhat.com>

On 24/08/12 12:53, Caolán McNamara wrote:
On Thu, 2012-08-23 at 21:00 +0200, Arnaud Versini wrote:
Hi everyone,

I noticed in the code some annihilation of O[U]String content by using
memset or rtl_zeroMemory directly on the content as a password
security. It breaks encapsulation and the string immutability, not so
good. I think there is four possibilities, in order of my personal
preference ;-) :
     1. Don't eradicate the string content, the content remain in RAM
        until the string deletion and a new allocation of the area

So, looking at the code that "trashes" the password it doesn't make a
whole pile of sense to me. There's a OUString which is converted to a
OString, and the OString is then mangled with a
rtl_zeroMemory((void*)foo.getStr(), foo.getLength()) after use, but the
original OUString remains. So only the copy gets mangled, not the
original.

well clearly that _is_ just security theater  :)

Best IMO to remove the Zeroing. If we want to do this sort of stuff,
we'd really need a single secure password class kind of thing, and use
it consistently, rather than arbitrarily butchering the occasional
OString.

agreed (see my other mail from yesterday for details).


_______________________________________________
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/libreoffice




-- 
Arnaud Versini

Context


Privacy Policy | Impressum (Legal Info) | Copyright information: Unless otherwise specified, all text and images on this website are licensed under the Creative Commons Attribution-Share Alike 3.0 License. This does not include the source code of LibreOffice, which is licensed under the Mozilla Public License (MPLv2). "LibreOffice" and "The Document Foundation" are registered trademarks of their corresponding registered owners or are in actual use as trademarks in one or more countries. Their respective logos and icons are also subject to international copyright laws. Use thereof is explained in our trademark policy.