On 24 June 2018 at 03:44, Terry Reedy <tjre...@udel.edu> wrote:
> On 6/23/2018 8:14 PM, Greg Ewing wrote:
>>
>> Paul Moore wrote:
>>
>>> a = SafeStr("my secret data")
>>> ... work with a as if it were a string
>>> del a
>>
>>
>> But in order to create the SafeStr, you need to first have
>> the data in the form of an ordinary non-safe string. How
>> do you dispose of that safely?
>
>
> getpass could return a SafeStr (or SafeBytes?).
> SafeStr could be initialized from a sequence of ints.That's certainly a possibility. It's basically what the .net SecureString class does. But the initialisation problem is definitely a big flaw in the idea that I hadn't thought of :-( The moral of this is probably for me to leave security design to the experts :-) Paul _______________________________________________ Python-ideas mailing list Python-ideas@python.org https://mail.python.org/mailman/listinfo/python-ideas Code of Conduct: http://python.org/psf/codeofconduct/
