[Twisted-Python] Erasing strings from memory?
Moshe Zadka
twisted at moshez.org
Sun Nov 10 13:06:27 EST 2002
On Sun, 10 Nov 2002, "Paul Swartz" <z3p at twistedmatrix.com> wrote:
> I'm working on a SSH client/server for Twisted,
> and some of the things the client needs to work
> with are passwords both for login and for private
> keys, and then the decrypted keys. Obviously,
> storing these in memory leads to the possibility
> of acessing them and thereby compromising the
> user. Is there a way to overwrite the data, or
> otherwise erase it from memory?
The best way would probably to do it in a subprocess. The next
best way would be to read the string into an mmapped are which
you explicitely free. If you want to be really secure, write a third
program like ssh-agent which does the authentication for a user.
More information about the Twisted-Python
mailing list