
Re^4: mod_perl2 interactive startup

by amino (Initiate)
on Aug 18, 2009 at 14:01 UTC ( #789468=note )

in reply to Re^3: mod_perl2 interactive startup
in thread mod_perl2 interactive startup

It is just as trivial. Cleartext Passwords in Linux Memory

"...that data from memory can be recovered with physical access to systems in a very short period of time." from the abstract of the paper that appears in the first few search results.

That leads me to believe it is not as trivial b/c an intruder needs physical access.

Replies are listed 'Best First'.
Re^5: mod_perl2 interactive startup
by Anonymous Monk on Aug 18, 2009 at 14:49 UTC
    That leads me to believe it is not as trivial b/c an intruder needs physical access.

    It doesn't say that.

    Quickly overwriting passwords in memory would minimize the risk of capture via physical access, cold boot techniques, swap space forensics or simple, live, privileged memory captures.

      So are you arguing that random apache vulnerabilities are as likely to give simple, live, privileged memory access as they are to give access to the filesystem?? Assuming the system doesn't allow core dumps, this seems far-fetched.

      In its conclusion the paper doesn't argue that developers should store passwords in plaintext in configuration files (which is the insane point you seem to be arguing for). It argues that passwords should be erased from memory when they're no longer needed.

      Do you actually have anything useful to suggest?
