author: Daniel Stenberg <daniel@haxx.se> 2021-08-10 10:26:16 +0200
committer: Daniel Stenberg <daniel@haxx.se> 2021-08-10 10:26:16 +0200
commit: cfe36679d94f673a05d90ba3cd74da4a7efbac71
tree: e0679d24510abd56fc2dff72255c6e02db061b2f
parent: 16e9c8e9909fc12c3f9735f666b5a8c5af669e8b
download: curl-cfe36679d94f673a05d90ba3cd74da4a7efbac71.tar.gz
TODO: erase secrets from heap/stack after use
Closes #7268
-rw-r--r-- docs/TODO 10
1 files changed, 10 insertions, 0 deletions
diff --git a/docs/TODO b/docs/TODO
index 83939c0b7..d804eb6e1 100644
--- a/docs/TODO
+++ b/docs/TODO
@@ -46,6 +46,7 @@
1.28 FD_CLOEXEC
1.29 Upgrade to websockets
1.30 config file parsing
+ 1.31 erase secrets from heap/stack after use
2. libcurl - multi interface
2.1 More non-blocking
@@ -433,6 +434,15 @@
See https://github.com/curl/curl/issues/3698
+1.31 erase secrets from heap/stack after use
+
+ Introducing a concept and system to erase secrets from memory after use, it
+ could help mitigate and lessen the impact of (future) security problems etc.
+ However: most secrets are passed to libcurl as clear text from the
+ application and then clearing them within the library adds nothing...
+
+ https://github.com/curl/curl/issues/7268
+
2. libcurl - multi interface
2.1 More non-blocking
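Review bot: The first sentence of the new 1.31 body is a comma splice ("Introducing a concept and system to erase secrets from memory after use, it could help ...") and closes on a vague "etc."; something like "A concept and system for erasing secrets from memory after use could help mitigate and lessen the impact of (future) security problems." reads cleaner. The caveat after it trails off in "adds nothing..." and leaves the item without a scope: since the text says most secrets arrive as clear text from the application, the entry would be easier to act on if it said which secrets are not covered by that "most", or stated outright that the benefit is limited to those cases. The issue link is already there for background, so one more sentence in the entry itself is enough.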