On 7/9/24 23:14, Rainer Deyke via Boost wrote:
> On 09.07.24 16:37, Andrey Semashev via Boost wrote:
>> On 7/9/24 17:29, Rainer Deyke via Boost wrote:
>>> Passwords travel along a long chain from user input to system calls. The entire chain needs to be secure or none of it is.
>>
>> Why does it have to be an "all or none" choice?
>> Security is always about making life *hard enough* for the attacker so that the attack is not worthwhile. It is never about making the protection impenetrable, as there is simply no such thing.
>
> Security is about identifying weaknesses and reinforcing them, not about spraying obstacles around at random. No point in putting an extra strong lock on your front door while the back door is wide open and the east wall is missing.
> So: is there any real attack in the wild that can be prevented by using a secure string class?

A random core dump of the application is unlikely to leak the data. A random memory access bug is unlikely to leak the data.