On 23/08/12 22:15, Tor Lillqvist wrote: > But if the password is used to load or save encrypted documents, then > the contents of the document (which the so carefully erased password > protects) is loaded into memory in plain-text, and is equally readable > by an adversary that has access to the virtual memory of your process, > and might get paged out to disk. So what's the win?
that is true for the document that is protected by the password. but in practice that same password may not only give access to that one document, but also let an attacker do other nefarious things like log on to twitter and impersonate the user's cat. _______________________________________________ LibreOffice mailing list LibreOffice@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/libreoffice
