On Wed, 11 Jul 2007 16:48:32 +0200, Lennart Poettering wrote: Thanks four your ideas!
> Because the password is stored in /etc/default/iodine please make sure > to install this file with 600 access mode. Fixed in svn. > Also, please modify iodine/iodined to XXX out the password passed to it > via the command line. This is not a perfect but certainly substantial > security improvement because it makes the password not show up in most > "ps xawww" calls. > > memset(argv[n], 'X', strlen(argv[n])) shold do the job in n is the > argument number with the password. I've already contacted upstream about this proposal. Cheers, gregor -- .''`. http://info.comodo.priv.at/ | gpg key ID: 0x00F3CFE4 : :' : debian: the universal operating system - http://www.debian.org/ `. `' member of https://www.vibe.at/ | how to reply: http://got.to/quote/ `- NP: Donovan: Epistle To Derroll
signature.asc
Description: Digital signature
