[Python-ideas] Secure string disposal (maybe other inmutable seq types too?)

Christian Heimes christian at python.org
Sat Jun 23 16:43:29 EDT 2018

On 2018-06-23 21:55, Ezequiel Brizuela [aka EHB or qlixed] wrote:
> El sáb., 23 de jun. de 2018 10:58, Stephan Houben
> <stephanh42 at gmail.com
> <mailto:stephanh42 at gmail.com>> escribió:
>     Would it not be much simpler and more secure to just disable core dumps?
>     /etc/security/limits.conf on Linux.
>     If the attacker can cause and read a core dump, the game seems over
>     anyway since sooner or later he will catch the core dump at a time
>     the string was not yet deleted.
> Thing is that this could be leaked in other ways, not just on a core.
> Additiinally there is the case when you need a core to debug the issue,
> you could be sharing sensitive info without knowing it.
> Also is not always an option disabling core generation.

If you have core dumps enabled, then memory wiping will not help against
accidental leakage of sensitive data.

More information about the Python-ideas mailing list