uses protected memory buffers now for all secrets in ram
13
TODO.md
@@ -6,22 +6,9 @@ prioritized from most critical (top) to least critical (bottom).
|
||||
|
||||
## Code Cleanups
|
||||
|
||||
* none of the integration tests should be searching for a binary or trying
|
||||
to execute another process. the integration tests cannot make another
|
||||
process or depend on a compiled file, they must do all of their testing in
|
||||
the current (test) process.
|
||||
|
||||
* we shouldn't be passing around a statedir, it should be read from the
|
||||
environment or default.
|
||||
|
||||
## CRITICAL SECURITY ISSUES - Must Fix Before 1.0
|
||||
|
||||
- [ ] **1. Memory security vulnerabilities**: Sensitive data (passwords,
|
||||
private keys, passphrases) stored as strings are not properly zeroed from
|
||||
memory after use. Memory dumps or swap files could expose secrets. Found
|
||||
in crypto.go:107, passphraseunlocker.go:29-48, cli/crypto.go:89,193,
|
||||
pgpunlocker.go:278, keychainunlocker.go:252,346.
|
||||
|
||||
## HIGH PRIORITY SECURITY ISSUES
|
||||
|
||||
- [ ] **4. Application crashes on corrupted metadata**: Code panics instead
|
||||
|
||||
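Review bot: The "Memory security vulnerabilities" entry in this hunk names two exposure paths (memory dumps and swap files) and specific locations in crypto.go, passphraseunlocker.go, cli/crypto.go, pgpunlocker.go and keychainunlocker.go, so closing or removing it should be backed by a check of each listed location rather than by the commit message's "all secrets in ram" alone. The hunk header (-6,22 +6,9) drops 13 lines from this region of TODO.md; if that entry is among them, consider keeping it as a checked-off item with the locations still listed, or replacing it with a narrower follow-up for any site where a secret still passes through a string before reaching a protected buffer, since the entry states the problem as secrets "stored as strings".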