[Python-ideas] Secure string disposal (maybe other inmutable seq types too?)

Paul Moore p.f.moore at gmail.com
Sun Jun 24 16:10:18 EDT 2018


On 24 June 2018 at 03:44, Terry Reedy <tjreedy at udel.edu> wrote:
> On 6/23/2018 8:14 PM, Greg Ewing wrote:
>>
>> Paul Moore wrote:
>>
>>> a = SafeStr("my secret data")
>>> ... work with a as if it were a string
>>> del a
>>
>>
>> But in order to create the SafeStr, you need to first have
>> the data in the form of an ordinary non-safe string. How
>> do you dispose of that safely?
>
>
> getpass could return a SafeStr (or SafeBytes?).
> SafeStr could be initialized from a sequence of ints.

That's certainly a possibility. It's basically what the .net
SecureString class does.

But the initialisation problem is definitely a big flaw in the idea
that I hadn't thought of :-( The moral of this is probably for me to
leave security design to the experts :-)

Paul


More information about the Python-ideas mailing list