On 20/01/16 00:18, Roland Mainz wrote:
> On Tue, Jan 19, 2016 at 11:53 PM, Ángel González <keisial@xxxxxxxxx> wrote:
>> That won't work when the data was recovered because it was read inside
>> a stdio buffer which was not overwritten before being freed.
>
> Why is stdio used in such a security-sensitive area anyway? Is there
> any performance impact if the code is switched to plain { |open()|,
> |read()|, ... } (with sufficient wrappers for |EINTR| handling)?

Probably not, and in fact I would favor changing it.
I was just pointing out that the private key leak was not in OpenSSH buffers,
which were properly zeroed, but from things like the use of stdio buffers.
Best regards
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
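
An added example, not code from OpenSSH or from this thread: one way to read a key file with plain open()/read() and an EINTR retry wrapper, straight into a caller-owned buffer that can be wiped, so no stdio buffer ever holds a copy of the key. The names secret_read_file, read_retry and secret_wipe are hypothetical.

```c
#include <errno.h>
#include <fcntl.h>
#include <sys/types.h>
#include <unistd.h>

/* Wipe through a volatile pointer so the compiler cannot drop the stores. */
static void secret_wipe(void *p, size_t n)
{
    volatile unsigned char *vp = p;
    while (n--)
        *vp++ = 0;
}

/* read() that is restarted when a signal interrupts it (EINTR). */
static ssize_t read_retry(int fd, void *buf, size_t n)
{
    ssize_t r;
    do {
        r = read(fd, buf, n);
    } while (r == -1 && errno == EINTR);
    return r;
}

/*
 * Read a whole secret file into the caller's buffer with no stdio layer.
 * Returns the number of bytes read, or -1 on error or if the file does not
 * fit in cap bytes; on failure the buffer is wiped before returning.
 */
ssize_t secret_read_file(const char *path, unsigned char *buf, size_t cap)
{
    size_t off = 0;
    ssize_t r = -1;
    int fd = open(path, O_RDONLY);
    if (fd == -1)
        return -1;
    while (off < cap && (r = read_retry(fd, buf + off, cap - off)) > 0)
        off += (size_t)r;
    if (r > 0) {                /* buffer full: is the file longer? */
        unsigned char probe;
        r = read_retry(fd, &probe, 1);
        secret_wipe(&probe, 1);
        r = (r > 0) ? -1 : r;   /* extra data means it does not fit */
    }
    close(fd);
    if (r != 0) {               /* read error or oversized file */
        secret_wipe(buf, cap);
        return -1;
    }
    return (ssize_t)off;
}
```

The caller calls secret_wipe() on the buffer as soon as the key has been parsed.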