diff options
author | Jeff Garzik <jeff@garzik.org> | 2006-04-25 03:00:29 -0400 |
---|---|---|
committer | Jeff Garzik <jeff@garzik.org> | 2006-04-25 03:00:29 -0400 |
commit | 0340f74caa84a3843246d252ab64e3e802d14e20 (patch) | |
tree | 4196fe775d027040694527507234255b970caaca | |
parent | 4158bad935569acb91d0eb68923bb155ee9e16f5 (diff) | |
download | dbfs-0340f74caa84a3843246d252ab64e3e802d14e20.tar.gz |
Password-related bug fixes.
-rw-r--r-- | dbfs.h | 2 | ||||
-rw-r--r-- | libdbfs.c | 8 |
2 files changed, 6 insertions, 4 deletions
@@ -65,7 +65,7 @@ struct dbfs_inode { struct dbfs { const char *home; - const char *passwd; + char *passwd; DB_ENV *env; DB *meta; @@ -46,9 +46,9 @@ int dbfs_open(struct dbfs *fs) goto err_out; } - /* this isn't a very good way to shroud the password */ - if (putenv("DB_PASSWORD=X")) - perror("putenv (SECURITY WARNING)"); + memset(fs->passwd, 0, strlen(fs->passwd)); + free(fs->passwd); + fs->passwd = NULL; } /* init DB transactional environment, stored in directory db_home */ @@ -131,6 +131,8 @@ struct dbfs *dbfs_new(void) passwd = getenv("DB_PASSWORD"); if (passwd) { fs->passwd = strdup(passwd); + + /* this isn't a very good way to shroud the password */ if (putenv("DB_PASSWORD=X")) perror("putenv DB_PASSWORD (SECURITY WARNING)"); } |