...
| Wiki Markup |
|---|
See [MEM06-C. Ensure that sensitive data is not written out to disk|MEM06-C. Ensure that sensitive data is not written out to disk]. While using a password, consider storing its hash instead of plaintext. Use the hash for comparisons and other purposes. The following code \[[Viega 01|AA. References#ViegaBibliography#Viega 01]\] illustrates this: |
| Code Block | ||
|---|---|---|
| ||
int validate(char *username) {
char *password;
char *checksum;
password = read_password();
checksum = compute_checksum(password);
erase(password); /* securely erase password */
return !strcmp(checksum, get_stored_checksum(username));
}
|
...
- Be aware of compiler optimization when erasing memory (see MSC06-C. Be aware of compiler optimization when dealing with sensitive data).
Wiki Markup Use secure erase methods specified in US Department of Defense Standard 5220 \[[DOD 5220|AA. References#DODBibliography#DOD 5220]\] or Peter Gutmann's paper \[[Gutmann 96|AA. References#GutmannBibliography#Gutmann 96]\].
Risk Assessment
If sensitive data is not handled correctly in a program, an attacker can gain access to it.
...
| Wiki Markup |
|---|
\[[MITRE 07|AA. References#MITREBibliography#MITRE 07]\] [CWE-798|http://cwe.mitre.org/data/definitions/798.html], "Use of Hard-coded Credentials," [CWE-326|http://cwe.mitre.org/data/definitions/326.html], "Inadequate Encryption Strength," [CWE-311|http://cwe.mitre.org/data/definitions/311.html], "Missing Encryption of Sensitive Data" \[[DOD 5220|AA. References#DODBibliography#DOD 5220]\] \[[Gutmann 96|AA. References#GutmannBibliography#Gutmann 96]\] \[[Lewis 06|AA. References#LewisBibliography#Lewis 06]\] \[[Viega 01|AA. References#ViegaBibliography#Viega 01]\] |
...