Re: [PATCH] Revert "conf: clean up memory containing secrets before freeing"

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On a Wednesday in 2022, Peter Krempa wrote:
Adding supposedly secure cleanup for secrets in anything related to the
XML parser is pointless because there are multiple other un-sanitized
copies of the full XML and the XML parser state at the very least.

Similarly in case RPC was used to transport the XML the RPC buffers are
not sanitized.

Additionally this patch was incomplete as it didn't sanitize the the

d/the /

password in the cleanup function for virDomainGraphicsAuthDef.

This reverts commit 51f8130d78fde3201b49c02b7095ff918b6e658a.

Please drop the trailing period.


Signed-off-by: Peter Krempa <pkrempa@xxxxxxxxxx>
---
src/conf/domain_conf.c | 2 --
1 file changed, 2 deletions(-)


Reviewed-by: Ján Tomko <jtomko@xxxxxxxxxx>

Jano




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux