[PATCH] memset_s() and talloc_set_secure()

Jeremy Allison jra at samba.org
Wed Mar 27 02:42:58 UTC 2019

On Wed, Mar 27, 2019 at 02:13:17PM +1300, Andrew Bartlett via samba-technical wrote:
> All I can say is we had an agreed approach, and we have reviewed
> patches but now we are back in the weeds.

Well let's get more data first on the costs of the flag
approach. If it's costly, then refusing it is clear.

If it's cheap, then we should look more carefully
at the flag approach because Simo's security arguments
are valid (IMHO).

Don't want extra complexity we have to pay for if
it's not going to be used, but marking memory as
'sensitive' does seem to be a feature that will get
used (as we handle security-sensitive data inside
Samba quite a bit).

More information about the samba-technical mailing list