I wanted to learn more on how authentication and privilege escalation work on Linux, so I developed `kindly`.

```
# Checking the encrypted passwords of the users on your system
kindly cat /etc/shadow
```
This project does not in any way aim to replace `sudo` and was implemented by someone without a background in cryptography or infosec, although the application does take some security measures:
- Locks all memory pages mapped into its address space in order to avoid leaking information if sent to swap
- Reads the password from a tty using `rpassword`
- Zeroes and drops the unencrypted password as soon as it is no longer needed through non-elidable operations
- Attempts to avoid timing attacks through "constant-time" byte comparisons
`kindly` does aim, however, to be very readable and well-commented.
Check the main function to get an overall look into all of the stuff it does.
Repository link: https://github.com/vrmiguel/kindly
Any thoughts or discussions are welcome :D
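
Two of the measures listed in the post, constant-time byte comparison and non-elidable zeroing of the plaintext password, sketched with the Rust standard library only. This is an added example, not code from the post or from the kindly repository; the names `ct_eq`, `wipe` and `check_and_wipe` and the sample values are assumptions made for illustration.

```rust
use std::hint::black_box;
use std::ptr::write_volatile;
use std::sync::atomic::{compiler_fence, Ordering};

/// Compares two byte slices without stopping at the first mismatch, so the
/// run time does not reveal where the inputs differ. The length check is an
/// early exit, which is acceptable when lengths are public (hash outputs).
pub fn ct_eq(a: &[u8], b: &[u8]) -> bool {
    if a.len() != b.len() {
        return false;
    }
    let mut diff = 0u8;
    for (x, y) in a.iter().zip(b.iter()) {
        // Accumulate every difference; black_box discourages the optimizer
        // from rewriting the loop as an early-exit comparison.
        diff |= black_box(x ^ y);
    }
    black_box(diff) == 0
}

/// Overwrites the buffer with zeroes using volatile writes, which the
/// compiler may not remove even though the buffer is dropped right after.
/// Only the initialized length is wiped; earlier reallocations of a Vec
/// may have left copies elsewhere that this cannot reach.
pub fn wipe(buf: &mut [u8]) {
    for byte in buf.iter_mut() {
        unsafe { write_volatile(byte as *mut u8, 0) };
    }
    // Keep the compiler from reordering later code before the writes.
    compiler_fence(Ordering::SeqCst);
}

/// Hypothetical flow: compare the freshly computed hash with the stored one,
/// then wipe the plaintext password whether or not the comparison succeeded.
pub fn check_and_wipe(password: &mut Vec<u8>, computed: &[u8], stored: &[u8]) -> bool {
    let ok = ct_eq(computed, stored);
    wipe(password);
    ok
}

fn main() {
    // Constructed sample values, not real credentials or hashes.
    let mut password = b"hunter2".to_vec();
    let (stored, computed) = ([0xAAu8; 32], [0xAAu8; 32]);
    let ok = check_and_wipe(&mut password, &computed, &stored);
    println!("match={} wiped={}", ok, password.iter().all(|&b| b == 0));
}
```

`black_box` and volatile writes are best-effort barriers against compiler optimizations; they do not give a hardware-level constant-time guarantee.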