From RISKS: secret scrubbing code removed by optimizers

Thomas Binder binder at
Sat Nov 9 03:41:55 EST 2002


On Thu, Nov 07, 2002 at 03:51:44PM -0800, Gary E. Miller wrote:
> If the memset() is eliminated as "dead code", then the password
> stays on the stack.  Then anyone looking at /dev/kmem can see it
> in the clear.

The question is, though, why someone having access rights to read
/dev/kmem or swap space wouldn't rather install a trojaned or
otherwise modified sshd instead to snoop credentials.
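
The scrubbing problem discussed in this thread, as an added example that is not part of the original mail or of OpenSSH's code: a final memset() on a local buffer that is never read again can be dropped as a dead store, while a call through a volatile function pointer (a common workaround) is kept. The names `secure_wipe`, `check_password`, `check_password_weak` and the `PW_MAX` limit are assumptions made for this illustration.

```c
#include <stddef.h>
#include <string.h>

#define PW_MAX 64   /* constructed buffer size for this example */

/* The pointer is volatile, so the compiler must load it at run time and
 * cannot prove the callee is memset(); the call is therefore not removed. */
static void *(*const volatile wipe_fn)(void *, int, size_t) = memset;

void secure_wipe(void *buf, size_t len)
{
    wipe_fn(buf, 0, len);
}

/* Constant-time comparison of two PW_MAX-byte buffers; returns 1 on match. */
static int equal_ct(const unsigned char *a, const unsigned char *b)
{
    unsigned char diff = 0;
    for (size_t i = 0; i < PW_MAX; i++)
        diff |= (unsigned char)(a[i] ^ b[i]);
    return diff == 0;
}

/* Shared body: copy the input into a zero-padded stack buffer and compare.
 * 'expected' must be a zero-padded PW_MAX-byte buffer. */
static int compare_into(unsigned char *pw, const char *input,
                        const unsigned char *expected)
{
    size_t n = strlen(input);
    if (n >= PW_MAX)
        return 0;               /* overlong input can never match */
    memcpy(pw, input, n);
    return equal_ct(pw, expected);
}

/* Weak form: 'pw' is never read after memset(), so an optimizer may treat
 * the call as a dead store and leave the password on the stack. */
int check_password_weak(const char *input, const unsigned char *expected)
{
    unsigned char pw[PW_MAX] = {0};
    int ok = compare_into(pw, input, expected);
    memset(pw, 0, sizeof pw);
    return ok;
}

/* Hardened form: same logic, but the wipe goes through secure_wipe(). */
int check_password(const char *input, const unsigned char *expected)
{
    unsigned char pw[PW_MAX] = {0};
    int ok = compare_into(pw, input, expected);
    secure_wipe(pw, sizeof pw);
    return ok;
}
```

Where the platform provides explicit_bzero() or C11 Annex K memset_s(), those serve the same purpose as `secure_wipe` here.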



More information about the openssh-unix-dev mailing list