Learn more about these different git repos.
Other Git URLs
This is about: https://labs.portcullis.co.uk/blog/an-offensive-introduction-to-active-directory-on-unix/
After some discussions i think we can make this better my using the following:
Use PR_SET_DUMPABLE for pages which have passwords etc, to ensure that coredumps dont contain cleartext passwords.
Use SGX when available https://en.wikipedia.org/wiki/Software_Guard_Extensions
Lastly and more importantly fedora has explicit_bzero which you should use rather manually scrub memory. Please see https://www.gnu.org/software/libc/manual/html_node/Erasing-Sensitive-Data.html This is not optimized by the compiler.
Metadata Update from @atikhonov: - Issue assigned to atikhonov
PR https://github.com/SSSD/sssd/pull/948 partially addresses item (3)
Commit 0a6fdec relates to this ticket
Commit 109c21e relates to this ticket
Commit ad1ae00 relates to this ticket
Commit 275e062 relates to this ticket
Commit 0165ef1 relates to this ticket
Commit f2245b5 relates to this ticket
master
Alexey, did the patches fix this ticket? If yes, please close it.
Metadata Update from @pbrezina: - Issue tagged with: Future milestone
Alexey, did the patches fix this ticket?
No. Only item (3) is partially addressed. Another question if we want (1) and (2) to be done.
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/4930
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @pbrezina: - Issue close_status updated to: cloned-to-github - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.