On 2018-06-23 21:55, Ezequiel Brizuela [aka EHB or qlixed] wrote: > > > El sáb., 23 de jun. de 2018 10:58, Stephan Houben > <stephan...@gmail.com > <mailto:stephan...@gmail.com>> escribió: > > Would it not be much simpler and more secure to just disable core dumps? > > /etc/security/limits.conf on Linux. > > If the attacker can cause and read a core dump, the game seems over > anyway since sooner or later he will catch the core dump at a time > the string was not yet deleted. > > > Thing is that this could be leaked in other ways, not just on a core. > Additiinally there is the case when you need a core to debug the issue, > you could be sharing sensitive info without knowing it. > Also is not always an option disabling core generation.
If you have core dumps enabled, then memory wiping will not help against accidental leakage of sensitive data. _______________________________________________ Python-ideas mailing list Python-ideas@python.org https://mail.python.org/mailman/listinfo/python-ideas Code of Conduct: http://python.org/psf/codeofconduct/
