[Twisted-Python] Erasing strings from memory?

Moshe Zadka twisted at moshez.org
Sun Nov 10 13:06:27 EST 2002

On Sun, 10 Nov 2002, "Paul Swartz" <z3p at twistedmatrix.com> wrote:

> I'm working on a SSH client/server for Twisted, 
> and some of the things the client needs to work 
> with are passwords both for login and for private 
> keys, and then the decrypted keys.  Obviously, 
> storing these in memory leads to the possibility 
> of acessing them and thereby compromising the 
> user.  Is there a way to overwrite the data, or 
> otherwise erase it from memory?

The best way would probably to do it in a subprocess. The next
best way would be to read the string into an mmapped are which
you explicitely free. If you want to be really secure, write a third
program like ssh-agent which does the authentication for a user.

More information about the Twisted-Python mailing list