[PATCH] Revert "conf: clean up memory containing secrets before freeing"
Pavel Hrdina
phrdina at redhat.com
Wed Sep 7 12:24:08 UTC 2022
On Wed, Sep 07, 2022 at 01:13:23PM +0200, Peter Krempa wrote:
> Adding supposedly secure cleanup for secrets in anything related to the
> XML parser is pointless because there are multiple other un-sanitized
> copies of the full XML and the XML parser state at the very least.
>
> Similarly in case RPC was used to transport the XML the RPC buffers are
> not sanitized.
>
> Additionally this patch was incomplete as it didn't sanitize the the
> password in the cleanup function for virDomainGraphicsAuthDef.
>
> This reverts commit 51f8130d78fde3201b49c02b7095ff918b6e658a.
>
> Signed-off-by: Peter Krempa <pkrempa at redhat.com>
> ---
> src/conf/domain_conf.c | 2 --
> 1 file changed, 2 deletions(-)
Reviewed-by: Pavel Hrdina <phrdina at redhat.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20220907/59bf0630/attachment.sig>
More information about the libvir-list
mailing list