Software leaves encryption keys, passwords lying around in memory
bje at redhat.com
Wed Nov 6 16:05:47 EST 2002
>>>>> "Vennonen," == Vennonen, Ari J <ari.vennonen=r3q2otnueiw at public.gmane.org> writes:
Ari> future enhancement to the optimiser may turn it back into a
Ari> nop. What it really needs is the addition of a #pragma
Ari> dont_remove_this_code_you_bastard in the compiler. Until then,
Ari> a lot of security code will be affected by this problem.
A cheap alternative is to disable the relevant optimisations.
More information about the linux