Re: [PATCH ima-evm-utils v4] evmctl: Use secure heap for private keys and passwords

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Vitaly, Stefan,

On Fri, 2021-09-10 at 10:55 -0400, Mimi Zohar wrote:
> What was the conclusion in terms of reading the password stored in the
> environment variable?

If this is an issue, perhaps call the equivalent of optarg_password()
to store the environment variable in secure heap memory.

Something like:
	imaevm_params.keypass =
optarg_password(getenv("EVMCTL_KEY_PASSWORD"));

optarg_password() would then become a wrapper around the new function.

thanks,

Mimi
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux Kernel]     [Linux Kernel Hardening]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux SCSI]

  Powered by Linux