From 13eb1c0bbdf07312f099099c7ca571c6a77eafa1 Mon Sep 17 00:00:00 2001 From: Janek Bevendorff Date: Thu, 21 Feb 2019 22:28:45 +0100 Subject: Improve resilience against memory attacks To reduce residual fragments of secret data in memory after deallocation, this patch replaces the global delete operator with a version that zeros out previously allocated memory. It makes use of the new C++14 sized deallocation, but provides an unsized fallback with platform-specific size deductions. This change is only a minor mitigation and cannot protect against buffer reallocations by the operating system or non-C++ libraries. Thus, we still cannot guarantee all memory to be wiped after free. As a further improvement, this patch uses libgcrypt and libsodium to write long-lived master key component hashes into a secure memory area and wipe it afterwards. The patch also fixes compiler flags not being set properly on macOS. --- INSTALL.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'INSTALL.md') diff --git a/INSTALL.md b/INSTALL.md index d3927536f..3bc9185d9 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -25,7 +25,7 @@ The following libraries are required: * zlib * libmicrohttpd * libxi, libxtst, qtx11extras (optional for auto-type on X11) -* libsodium (>= 1.0.12, optional for KeePassXC-Browser support) +* libsodium (>= 1.0.12) * libargon2 Prepare the Building Environment -- cgit v1.2.3
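Review bot: In the INSTALL.md hunk, the new line `* libsodium (>= 1.0.12)` drops the "optional for KeePassXC-Browser support" qualifier but does not say why the library is now mandatory. The neighbouring libxi entry states its purpose in parentheses, and a similar short note here (for example, that it is needed for the secure memory handling the commit message describes) would tell packagers who previously built without libsodium why that no longer works. This view is limited to INSTALL.md, so confirm that the build configuration in the same commit also treats libsodium as a hard dependency instead of gating it on the browser feature; otherwise the documentation and the build will disagree. The commit message also relies on libgcrypt for the secure memory area, and the visible context lines do not show its entry, so check that any minimum version needed for that use is documented in the same list.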