[英]How do I use SecureZeroMemory with LogonUser when impersonating a user?
When is it necessary or recommended to add the function SecureZeroMemory ? 什么时候需要或建议添加功能SecureZeroMemory ?
Neither this MSFT sample for WindowsImpersonationContext , or these Stackoverflow questions link link2 even mention the SecureZeroMemory function. 这个用于WindowsImpersonationContext的MSFT示例或这些Stackoverflow问题链接 link2都没有提到SecureZeroMemory函数。
Should I implement this function (or perhaps ask the owner of the accepted answers to include this feature?) 我应该实现此功能(还是要求已接受答案的所有者包括此功能?)
SecureZeroMemory
is, as the name would imply, a way to set a block of memory to all 0x00
values, although it has the following idiosyncracies: SecureZeroMemory
, SecureZeroMemory
是一种将内存块设置为所有0x00
值的方法,尽管它具有以下特质:
As @user629926 mentions, the SecureString
class, as awkward as it can be to use, is a "safe" way of holding onto string
data in memory without worrying that if your app crashes, someone can sift through the memory dump and find your raw sensitive data in it. 正如@ user629926所提到的,
SecureString
类虽然使用起来很尴尬,但却是一种保存内存中string
数据的“安全”方式,而不必担心如果您的应用程序崩溃了,有人可以在内存转储中进行筛选并找到您的原始文件其中的敏感数据。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.