Re: Concurrent psql patch
From | Heikki Linnakangas |
---|---|
Subject | Re: Concurrent psql patch |
Date | |
Msg-id | 464D9808.5000701@enterprisedb.com |
In reply to | Re: Concurrent psql patch ("Pavan Deolasee" <pavan.deolasee@gmail.com>) |
List | pgsql-patches |
Pavan Deolasee wrote:
> --- 1179,1189 ---- > dbname, user, password); > > /* We can immediately discard the password -- no longer needed */ > ! if (password) > ! { > ! memset(password, '\0', strlen(password)); > free(password); > + }
>
> Any reason why we do this? "password" is anyways freed. I think you
> might have left it behind after some debugging exercise.

I believe it's for security reasons. If that memory page is for example swapped to disk after freeing the field, the password would be written to the swapfile. Someone who steals your laptop would be able to recover it from there. Clearing passwords from memory when they're no longer needed is a good practice.

--
Heikki Linnakangas
EnterpriseDB http://www.enterprisedb.com
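
Review bot: In the quoted hunk, memset(password, '\0', strlen(password)) is followed directly by free(password) and the buffer is never read again, so an optimizing compiler may treat the memset as a dead store and drop it, leaving the password in the freed memory. Consider doing the wipe through a call the compiler cannot elide (explicit_bzero or memset_s where available, otherwise a write through a volatile pointer), and extend the comment above the if to say the buffer is zeroed so the password does not linger in freed memory or swap, which would also answer the question raised about this change.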
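
An added example, not part of the original message or of the psql patch: one way to apply the reasoning above in C, going a step beyond the patch by also asking the kernel to keep the secret's pages out of swap while the secret is live, then wiping the full allocation before it is freed. The names `secret_t`, `secret_init`, `secret_wipe` and `secret_release` are hypothetical, and a POSIX system with `mlock()` is assumed.

```c
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>

/* Calling memset through a volatile pointer stops the compiler from
 * treating the wipe as a dead store and dropping it before free(). */
static void *(*const volatile wipe_fn)(void *, int, size_t) = memset;

typedef struct {
    char  *buf;    /* NUL-terminated secret */
    size_t cap;    /* full allocation size, not strlen() */
    int    locked; /* 1 if mlock() pinned the pages in RAM */
} secret_t;

/* Copy a secret into its own buffer; lock the pages before the copy
 * so the secret never sits in memory that may be swapped out. */
int secret_init(secret_t *s, const char *value)
{
    s->cap = strlen(value) + 1;
    s->buf = malloc(s->cap);
    if (s->buf == NULL)
        return -1;
    /* mlock() may fail (e.g. RLIMIT_MEMLOCK); the wipe still applies. */
    s->locked = (mlock(s->buf, s->cap) == 0);
    memcpy(s->buf, value, s->cap);
    return 0;
}

/* Zero the whole allocation; returns the count of non-zero bytes left. */
size_t secret_wipe(secret_t *s)
{
    size_t left = 0;
    if (s->buf == NULL)
        return 0;
    wipe_fn(s->buf, 0, s->cap);
    for (size_t i = 0; i < s->cap; i++)
        left += (((volatile char *)s->buf)[i] != 0);
    return left;
}

/* Wipe, unlock and free; safe to call more than once. */
void secret_release(secret_t *s)
{
    secret_wipe(s);
    if (s->locked)
        munlock(s->buf, s->cap);
    free(s->buf);
    *s = (secret_t){0};
}
```
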