I was thinking we'd secure all the buffers we use to communicate with either the greeter, since we don't know ahead of time which messages have passwords. Agreed regarding the greeter. We can probably just use mlockall there.
I am looking at libgcrypt to manage the secure memory pools for us (libgcr is newer and gobject-based, but it pulls in GTK+; libgnome-keyring is semi-deprecated and depends on libgcrypt anyway).