On 23.06.2018 02:45, Chris Angelico wrote: > Would it suffice to flag the string as "this contains sensitive data, > please overwrite its buffer when it gets deallocated"? The only > difference, in your example, would be that the last print would show > the original data, and the wipe would happen afterwards. Advantages of > this approach include that getpass can automatically flag the string > as sensitive, and the "sensitive" flag can infect other strings (so > <<pwd + "x">> would be automatically flagged to be wiped). Downside: > You can't say "I'm done with this string, destroy it immediately".
I think the flag is an excellent idea. I'm not so sure about the automatic propagation of the flag, though. If a string gets interned with the flag set, this could lead to a lot of other strings receiving the flag without intent. Then again, you will probably not want such strings to be interned in the first place. -- Marc-Andre Lemburg eGenix.com Professional Python Services directly from the Experts (#1, Jun 23 2018) >>> Python Projects, Coaching and Consulting ... http://www.egenix.com/ >>> Python Database Interfaces ... http://products.egenix.com/ >>> Plone/Zope Database Interfaces ... http://zope.egenix.com/ ________________________________________________________________________ ::: We implement business ideas - efficiently in both time and costs ::: eGenix.com Software, Skills and Services GmbH Pastor-Loeh-Str.48 D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg Registered at Amtsgericht Duesseldorf: HRB 46611 http://www.egenix.com/company/contact/ http://www.malemburg.com/ _______________________________________________ Python-ideas mailing list Python-ideas@python.org https://mail.python.org/mailman/listinfo/python-ideas Code of Conduct: http://python.org/psf/codeofconduct/
