Edge stores passwords in plaintext memory at startup; a tool has been released to test against the flaw.

  • Kogasa@programming.dev · 17 upvotes · 24 days ago

    Seems like a pretty basic security precaution to avoid loading decrypted secrets into memory before they’re needed. Someone who can access application memory can already own you, but there isn’t really a good reason why they should be able to access secrets that you never accessed while they were in.

    I wouldn’t say it’s an alarming flaw, just seems weirdly and unnecessarily unsafe

    • Possibly linux@lemmy.zip · 2 upvotes · 23 days ago

      At some point they will need to be decrypted anyway

      I think this was done for performance and simplicity

      • Kogasa@programming.dev · 2 upvotes · 23 days ago

        Yep, and at that point they will be in memory until a reasonable time to clean up. But decrypting the whole password database and leaving it there forever seems needlessly unsafe.
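
The trade-off discussed in the comments above, as an added sketch that is not code from the thread or from Edge: one store decrypts every saved login at startup, the other keeps only ciphertext and decrypts a single entry on demand, wiping the buffer afterwards. The class names, sample logins and the SHA-256 keystream cipher are assumptions for illustration; the demo key also stays in process memory, which a real product would delegate to the OS.

```python
import hashlib
from contextlib import contextmanager

def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytearray:
    """Stand-in cipher (SHA-256 in counter mode); demo only, not for real use."""
    out = bytearray(len(data))
    for off in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + off.to_bytes(8, "big")).digest()
        for i, b in enumerate(data[off:off + 32]):
            out[off + i] = b ^ block[i]
    return out

class EagerVault:
    """Pattern criticised in the thread: decrypt the whole store at startup."""
    def __init__(self, key, records):
        # Every plaintext stays resident for the lifetime of the process.
        self.plain = {site: _keystream_xor(key, site.encode(), ct)
                      for site, ct in records.items()}
    def resident_plaintexts(self):
        return len(self.plain)

class LazyVault:
    """Hold ciphertext only; decrypt one entry when asked, wipe it after use."""
    def __init__(self, key, records):
        self._key, self._records, self._live = key, dict(records), 0
    @contextmanager
    def secret(self, site):
        buf = _keystream_xor(self._key, site.encode(), self._records[site])
        self._live += 1
        try:
            yield buf                      # mutable buffer, so it can be wiped
        finally:
            buf[:] = bytes(len(buf))       # overwrite in place with zeros
            self._live -= 1
    def resident_plaintexts(self):
        return self._live

# Constructed sample data: three saved logins encrypted under a demo key.
KEY = b"demo-key-not-a-real-secret"
SAMPLE = {"mail.example": b"hunter2", "bank.example": b"correct horse",
          "forum.example": b"tr0ub4dor"}
RECORDS = {s: bytes(_keystream_xor(KEY, s.encode(), p)) for s, p in SAMPLE.items()}

def demo():
    eager, lazy = EagerVault(KEY, RECORDS), LazyVault(KEY, RECORDS)
    with lazy.secret("bank.example") as pw:
        # bytes(pw) makes an immutable copy; done here only to report the value.
        seen, during = bytes(pw), lazy.resident_plaintexts()
    return eager.resident_plaintexts(), during, lazy.resident_plaintexts(), bytes(pw), seen
```

`demo()` reports three plaintexts resident for the eager store, one for the lazy store while the entry is in use, and none afterwards, with the returned buffer zeroed. Python may still keep copies of immutable `bytes` objects around, so the wipe only covers the `bytearray` handed to the caller.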