Use SecureString where there is data to be cleansed SecureString has quite a few places it should be used in the user management code. Tested: ran set password, test password, and other commands Change-Id: Ia53bc914d25f7965c3e72d5cf18346e0fa9339b9 Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com>

commit: 1e22a0f1a0348846eb56f534f101776dc445b764 [log] [tgz]
author: Vernon Mauery <vernon.mauery@linux.intel.com> Fri Jul 30 13:36:54 2021 -0700
committer: Vernon Mauery <vernon.mauery@linux.intel.com> Wed Sep 01 02:46:32 2021 +0000
tree: 56a9f78efe47ff81cbe6c0bba2f444d671527107
parent: a67caed71e1553235eb5b2ae0e252e654111a382 [diff] [blame]
diff --git a/user_channel/user_mgmt.cpp b/user_channel/user_mgmt.cpp
index 182d17d..452be90 100644
--- a/user_channel/user_mgmt.cpp
+++ b/user_channel/user_mgmt.cpp

@@ -751,7 +751,7 @@
 }
 
 Cc UserAccess::setSpecialUserPassword(const std::string& userName,
-                                      const std::string& userPassword)
+                                      const SecureString& userPassword)
 {
     if (pamUpdatePasswd(userName.c_str(), userPassword.c_str()) != PAM_SUCCESS)
     {
commit	1e22a0f1a0348846eb56f534f101776dc445b764	[log] [tgz]
author	Vernon Mauery <vernon.mauery@linux.intel.com>	Fri Jul 30 13:36:54 2021 -0700
committer	Vernon Mauery <vernon.mauery@linux.intel.com>	Wed Sep 01 02:46:32 2021 +0000
tree	56a9f78efe47ff81cbe6c0bba2f444d671527107
parent	a67caed71e1553235eb5b2ae0e252e654111a382 [diff] [blame]