[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Credentials held unencrypted in memory during runtime

From: Ron Wilson <ronw.mrmx_at_gmail.com>
Date: Tue, 12 Apr 2011 15:05:00 -0400

On Tue, Apr 12, 2011 at 1:02 PM, Stefan Küng <tortoisesvn_at_gmail.com> wrote:
> It uses CryptProtectData to encrypt the auth data on disk.
> But that only means it's encrypted for those who use text editors to
> read the files.
> A simple app can use CryptUnprotectData to decrypt the files again.

So, are you using a fixed key? What is the life span of the cache?

The life span should not be indefinate. Entries should expire after a
reasonable amount of time, maybe 15 minutes.

When the background process starts, a new session key should be
generated, then each new entry in the cache should use a salt or an
initialization vector. The salt or initialization vector for a given
entry can be stored with the entry. When an entry is needed, the
session key and the salt or the initialization vector are used
together to decrypt the entry.

Granted, another process might be able to find the session key, but
this does make it harder to get information out of the cache file.
Simply having a compiler will no longer be enough.


To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2011-04-12 21:05:06 CEST

This is an archived mail posted to the TortoiseSVN Users mailing list.