Reply to Re: [PHP] Storing CCN's Again...

Your name:

Reply:


Posted by Richard Lynch on 02/08/05 19:23

Greg Donald wrote:
> On Tue, 8 Feb 2005 08:37:32 -0800, Tony Di Croce <dicroce@gmail.com>
> wrote:
>> So, it doesn't seem like anyone is aware of a way to make PHP paranoid
>> about such things... Perhaps their is a lower level way to get linux
>> to scrub an address space when a process exits? I will google....
>
> It's pretty simple to scrub the data away.
>
> $cc = '1234123412341234';
>
> // do processing
>
> $cc = md5( time() );

There's no guarantee that will re-use the same bytes for the new string in
the low-level C malloc/alloc/???alloc calls, I don't think...

*MAYBE* using the {} operator on a char-by-char basis would be more likely
to wipe the bytes...

I suspect that if somebody is skilled enough to read your un-malloced RAM
for CC#s, they are probably skilled enough to peek into your current
in-use RAM for CC#s... I'm no expert, though, so maybe not.

--
Like Music?
http://l-i-e.com/artists.htm

[Back to original message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация