memset suggestion.

Corinna Vinschen vinschen at
Sat Nov 9 02:15:08 EST 2002

On Fri, Nov 08, 2002 at 08:05:44AM -0600, Ben Lindstrom wrote:
> Everyone uses memset() to clear inmemory passwords so people can't go
> digging around in /dev/kmem.  If memset() is optimizated out then the
> password still stick around in memory until it is reallocated and reused.
> [...]

Thanks for the description.  However, I just saw that I didn't read
a ML thread carefully enough :-(


Corinna Vinschen
Cygwin Developer
Red Hat, Inc.
mailto:vinschen at

More information about the openssh-unix-dev mailing list