Sebastien Marie <sema...@online.fr> wrote: > The diff switchs the function sc_mem_secure_alloc() to uses mmap(2) with > MAP_CONCEAL as we do for secrets (it excludes this chunk of memory from core > dumps), and to not uses mlock(2). And changes sc_mem_secure_free() too.
Why. They tried to keep it out of swap, which is meaningless. Why is keeping it out of core files meaningless? corefiles are not world-readable, and the user who can read them can still attach with ptrace and inspect the process, in both these cases. Why do also you feel compelled to solve a problem --- which the ssh client doesn't solve? If a program like that doesn'nt solve it, why does this library, which ges loaded into a behemoth, need to? What makes this code so special that it needs to use rare functionality that almost no other code uses?
