Use |mprotect()| to secure key data ? / was: Re: Proposal: always handle keys in separate process

[Roland Mainz]

On Tue, Jan 19, 2016 at 11:53 PM, Ángel González <keisial at gmail.com> wrote:
> That won't work when the data was recovered because it was read inside
> a stdio buffer which was not overwritten before being freed.

Why is stdio used in such a security-sensitive area anyway ? Is there
any performance impact if the code is switched to plain { |open()|,
|read()|, ... } (with sufficient wrappers for |EINTR| handling) ?

----

Bye,
Roland

-- 
  __ .  . __
 (o.\ \/ /.o) roland.mainz at nrubsig.org
  \__\/\/__/  MPEG specialist, C&&JAVA&&Sun&&Unix programmer
  /O /==\ O\  TEL +49 641 3992797
 (;O/ \/ \O;)