Hello Matt,
Le 18/02/2016 21:34, Matt Zimmerman a écrit :
Thanks for following up. My recommendation is to say something like:
This function DOES NOT securely erase the contents of the environment.
Security-conscious applications which need to do this should use ....
instead.
Thanks for your reply. To match the note recommending a solution of
withdrawal, then I suggest:
-----
If it is unavailable the assignment
environ = NULL;
will probably do.
But these solutions DO NOT securely erase the contents of the
environment. ecurity-conscious applications which need to do this should
use [...] instead.
----
Problem, I have no idea of good security practice. A helping hand, please?
Regards,
--
Stéphane Aulery
