On 6/22/2018 8:31 PM, Ezequiel Brizuela [aka EHB or qlixed] wrote:
As all the string in python are immutable, is impossible to overwrite
the value
Not if one uses ctypes. Is that what you did?
Well I already do it:
https://github.com/qlixed/python-memwiper/
But i hit a lot of problems in the road, I was working on me free time
over the last year on this and make it "almost" work, but that is not
relevant to the proposal.
I think it is. A very small fraction of Python users need such wiping.
And I doubt that it can be complete. For instance, I suspect that a
password entered into getpass, for instance, first exists in OS form
before being copied into a Python string objects. Wiping the Python
string would not wipe the original copy. So this really should be
attacked at the OS level, not the language level. I have read that
phones use separate memory for critical data to try to protect critical
data.
--
Terry Jan Reedy
_______________________________________________
Python-ideas mailing list
Python-ideas@python.org
https://mail.python.org/mailman/listinfo/python-ideas
Code of Conduct: http://python.org/psf/codeofconduct/
