Kees, when you have some time can we get your opinion on the python-
keyring module? Specifically this concern noted by Martin:
The main problem that I see here is that it's handling a lot of
passwords, and doesn't use any kind of mlock()-like protection anywhere.
So passwords are copied around a lot and get easily written to disk
unencrypted, once this gets into swap.
Feel free to ping benji for a walk through the code.
** Changed in: null
Assignee: (unassigned) => Kees Cook (kees)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/686257
Title:
upgrade to python-keyring 0.5 (and MIR)
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
