Re: Bug#679323: clearenv(3): implies that it's a security tool

From: Stéphane Aulery <hidden>
Date: 2016-02-18 21:44:40

Hello Matt,

Le 18/02/2016 21:34, Matt Zimmerman a écrit :

Thanks for following up.  My recommendation is to say something like:

This function DOES NOT securely erase the contents of the environment.
Security-conscious applications which need to do this should use ....
instead.

Thanks for your reply. To match the note recommending a solution of 
withdrawal, then I suggest:

-----

If it is unavailable the assignment

     environ = NULL;

will probably do.

But these solutions DO NOT securely erase the contents of the 
environment. ecurity-conscious applications which need to do this should 
use [...] instead.

----

Problem, I have no idea of good security practice. A helping hand, please?

Regards,

-- 
Stéphane Aulery
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help