I would expect char[] or byte[] to be just as easily recognizable. People have used them to store passwords because those data types can be zeroed out, whereas String is immutable and references are kept by the intern mechanism of String. If the char[] or byte[] is ever converted to a String (or originates as a String), it will still fall into this trap. With garbage collection, it is unknowable whether the array was moved somewhere else in the heap leaving a copy behind, so it is still not a reliable way to time-box the opportunity to gather the password. All that said, such an attack would require elevated permissions at the OS or JVM level to such an extent that I would argue this threat would be inconsequential in practice.
On Mon, Jul 8, 2013 at 6:05 PM, Roger L. Whitcomb <roger.whitc...@actian.com> wrote:
> I had a thought that it would be more secure to pass password data
> around in VFS as byte arrays instead of String objects so they could
> less easily be found by memory dumpers/scanners. This would apply (for
> instance) to GenericFileName constructor and access methods, etc.
> Obviously, at some point, you have to convert to String (like in
> "GenericFileName.appendCredentials"), but it seems like at least some
> level of obfuscation, as in storing the data as bytes might be useful to
> increase security.
>
> Thoughts? Thanks.
>
> ~Roger Whitcomb
> Apache Pivot PMC Chair
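The char[]-versus-String point made in the reply, as an added example that is not part of the thread or of the VFS code base: a hypothetical PasswordHolder wrapper wipes its buffer on close(), but the moment the chars are turned into a String (as appendCredentials would have to do) an immutable copy exists that no later wipe can reach.

```java
import java.util.Arrays;

// Hypothetical wrapper, written for this example only (not a VFS class).
// Holds a password as char[] so it can be overwritten once it has been used.
public final class PasswordHolder implements AutoCloseable {
    private final char[] secret;

    public PasswordHolder(char[] secret) {
        // Private copy, so caller's array and ours are wiped independently.
        this.secret = secret.clone();
    }

    /** Raw chars for the consumer (e.g. an authenticator); do not convert to String. */
    public char[] chars() {
        return secret;
    }

    /** True once every char has been overwritten with NUL. */
    public boolean isWiped() {
        for (char c : secret) {
            if (c != '\0') return false;
        }
        return true;
    }

    /** Overwrite in place. Note: as the reply says, this does not rule out a stale
     *  copy left behind by the garbage collector moving the array; it only shortens
     *  the window during which this object itself still holds the password. */
    @Override
    public void close() {
        Arrays.fill(secret, '\0');
    }

    public static void main(String[] args) {
        char[] typed = "s3cret-example".toCharArray();   // constructed sample value
        PasswordHolder holder = new PasswordHolder(typed);

        // The trap: converting to String copies the chars into an immutable,
        // possibly interned object that no subsequent wipe can clear.
        String leaked = new String(holder.chars());

        holder.close();              // wrapper's buffer is now all NULs
        Arrays.fill(typed, '\0');    // caller wipes its own copy too

        System.out.println("holder wiped: " + holder.isWiped());     // true
        System.out.println("String copy still readable: " + leaked); // password intact
    }
}
```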