Hi, Mikhail Voytenko wrote:
document. Although it would need more actions, I do not think that somebody who got access to the memory and was able to read the password would not be able to read more keys. Please correct me if I have misunderstood something.
I don't know about Windows, but UNIX. One possible scenario: 1. There are some colleges in a branch and they are working on their individual terminal. 2. All UNIX processes of OpenOffice.org are running in their server machine and their visual images are projected to users' individual terminal. 3. User A types 'ps -ef' command to find a process ID of User B's OpenOffice.org. 4. User C takes User B for a coffee break. 5. User A comes to B's desk and starts a terminal emulator. 6. User A types 'gcore -o output.filename processID' on Solaris or using gcore subcommand of 'gdb' on Linux to get a core dump without terminating the OpenOffice.org. 7. User A closes the window of the terminal emulator. 8. User B comes back to his desk and continues his work. 9. User A and C starts to look for the password with their debugger referring to the source code of OpenOffice.org. The point is that intruders have plenty time to look for the password in their laboratory, once they have taken the contents of a process memory. Does Windows Server have the similarity? Best Regards, Tora --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@openoffice.org For additional commands, e-mail: dev-h...@openoffice.org