Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Mac OS X stores login/Keychain/FileVault passwords on disk
Jun 25 2004 09:48AM
Matt Johnston (matt ucc asn au)
It seems that Mac OS X (10.3.4 tested) doesn't bother clearing memory
containing sensitive data, or using mlock() to avoid swapping.
A quick grep of the swapfiles will show up various morsels:
rez:~> sudo strings -8 /var/vm/swapfile0 |grep -A 4 -i longname
<user's password here>
[ more ]
Copyright 2010, SecurityFocus