Re: WMI (and seriously - passwords in memory?)
@patrickstar
Cached credentials are presumably in the Kernel or at least another process's memory.
In VMS, PA-RISC HP-UX and SPARC Solaris, user processes can't read the memory space of other user processes, and certainly not Kernel memory (not unless you are superuser). So no - Kerberos doesn't have the same problem on *ix.
I've been trying to google for an answer; what I found is vague, so I'll assume you are right - Linux and Windows both suffer from this malady of allowing any process free rein to read all the memory space. So yes - Kerberos on LINUX would have the same problem. There is a whole other thread in these comments about whether Linux is any better than Windows or not.
But if you know that the OS allows your memory to be read, then you should code with that in mind - there is no need to keep the password itself in memory - you can hash it with a low-collision hash. Or at least only keep the password in memory during the actual password compare and then zero the memory out.
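
The approach described in the comment above (keep only a digest, hold the typed password just long enough to check it, then zero the buffer), as an added C example that is not part of the original post. The names `secure_zero`, `toy_digest`, `verify_and_wipe` and `is_all_zero` are hypothetical, and the FNV-1a digest is only a dependency-free stand-in for a real salted password hash.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Wipe through a volatile pointer so the compiler cannot drop the stores
 * as dead writes to a buffer that is never read again. */
static void secure_zero(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--)
        *v++ = 0;
}

/* Stand-in digest (FNV-1a, 64-bit). Assumption: a real system would use a
 * salted password hashing function here instead. */
static uint64_t toy_digest(const char *s, size_t n)
{
    uint64_t h = 14695981039346656037ULL;
    for (size_t i = 0; i < n; i++) {
        h ^= (unsigned char)s[i];
        h *= 1099511628211ULL;
    }
    return h;
}

/* Check the candidate in buf against the stored digest, then wipe all cap
 * bytes (not just the string length). Returns 1 on match, 0 otherwise. */
static int verify_and_wipe(char *buf, size_t cap, uint64_t stored)
{
    const char *nul = memchr(buf, 0, cap);
    size_t len = nul ? (size_t)(nul - buf) : cap;
    uint64_t got = toy_digest(buf, len);
    int ok = (got == stored);
    secure_zero(buf, cap);            /* plaintext gone before we return */
    secure_zero(&got, sizeof got);    /* intermediate digest as well */
    return ok;
}

/* Helper for checking that a buffer really was cleared. */
static int is_all_zero(const char *p, size_t n)
{
    for (size_t i = 0; i < n; i++) if (p[i]) return 0;
    return 1;
}

int main(void)
{
    char buf[64] = "correct horse";   /* constructed sample input */
    int ok = verify_and_wipe(buf, sizeof buf, toy_digest("correct horse", 13));
    printf("match=%d wiped=%d\n", ok, is_all_zero(buf, sizeof buf));
    return 0;
}
```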