Package: manpages-dev Severity: normal I was researching ways to securely purge environment variables, e.g. where they're used to pass credentials. clearenv(3) says in the NOTES section:
Used in security-conscious applications. If it is unavailable the assignment environ = NULL; will probably do. The implementation in glibc just frees the memory and sets the environ pointer to NULL. Neither this, nor environ = NULL will actually overwrite the memory used for the environment, so it's misleading to say that it's used in security-conscious applications. The environment needs to be zeroed out in order to be securely cleared. -- - mdz -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org