On 07/27/2015 10:00 AM, Carlos E. R. wrote:
On 2015-07-27 15:46, Anton Aylward wrote:
On 07/27/2015 09:12 AM, Carlos E. R. wrote:
Personally I think that the idea of having a cleartext version available anywhere is a bad idea. If it matters that much there should be no cleartext version anywhere except in memory.
And that's where it will be. tmpfs is memory.
No. a tmpfs is part of the file system.
Yes, but in memory. It is memory. :-)
And, in Linux, a process memory can be accessed as a file under /proc, I believe, so memory is also filesystem :-p
What matters is that the clear text password is not on disk.
*sigh* if you log out each day (at least) and shut down (each day at least)[1] so that the window is small then not having the clear text in persistent storage at least limits the modes of attack. But if you are going to bring /proc/<id>/mem into it and require root access then there are many much simpler methods of attack than reading memory. [1] as in when you break for coffee, break to answer the phone, break to go to a meeting, break to go to lunch, break to go micturate, use some other application and so shut down email[]2] [2] All of which gets very iffy if you use a tablet or phone or pretty much anything except a desktop PC. -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org