[Python-ideas] Secure string disposal (maybe other inmutable seq types too?)

Greg Ewing greg.ewing at canterbury.ac.nz
Sat Jun 23 20:26:12 EDT 2018


Christian Heimes wrote:
> You'd also need to ensure that the memory page is
> never paged to disk or a visible to gdb, ptrace, or any other kind of
> debugger.

If the attacker can attach a debugger to your process, they
can already do a lot worse than snoop on your secret strings.

-- 
Greg


More information about the Python-ideas mailing list