[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Credentials held unencrypted in memory during runtime

From: Andre.Ziegler <MagicAndre1981_at_live.com>
Date: Wed, 13 Apr 2011 05:01:12 -0700 (PDT)

> I think the issue is simply that when the program (TProc) exits, that
> physical memory is freed and can then be allocated to another process.
> If it contains sensitive information then the second process, which
> may be completely unrelated, can see it.

Windows has a Zero Memory Manager Thread which overrides all freed RAM
with Zeros to avoid such things. Check Process Explorer or
Processhacker to see this.


To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2011-04-13 14:01:16 CEST

This is an archived mail posted to the TortoiseSVN Users mailing list.