Skip to content

feat (security): Ensure LDAP credentials are cleared from memory after bind #8

Description

@timoguin

Currently, LDAP credentials are carried in bind-dn and password variables. Even if we use an encrypted credential store (#7) to retrieve these sensitive values, they are in program memory at least through the lifetime of the LDAP query (which could have a long execution time). See if we can clear these sensitive values from memory after the session is bound.

Metadata

Metadata

Assignees

Labels

No labels
No labels

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions