[Python-ideas] Secure string disposal (maybe other inmutable seq types too?)

Christian Heimes christian at python.org
Sat Jun 23 15:28:02 EDT 2018

On 2018-06-23 15:57, Stephan Houben wrote:
> Would it not be much simpler and more secure to just disable core dumps?
> /etc/security/limits.conf on Linux.
> If the attacker can cause and read a core dump, the game seems over
> anyway since sooner or later he will catch the core dump at a time the
> string was not yet deleted.

That's not sufficient. You'd also need to ensure that the memory page is
never paged to disk or a visible to gdb, ptrace, or any other kind of
debugger. POSIX has mprotect(), but it doesn't necessarily work with
malloc()ed memory and requires mmap() memory.


More information about the Python-ideas mailing list