GC and security
Paul Rubin
http
Wed Aug 30 20:16:39 EDT 2006
Les Schaffer <schaffer at optonline.net> writes:
> so i am curious. so long as i drop all reference to the passphrase
> string(s), eventually it gets garbage collected and the memory recycled.
> so "before long" the phrase is gone from memory.
>
> is there a best practice way to do this?
You can't rely on anything like that, either on the Python GC side or
from the OS (which might have long since written the passphrase out to
the swap disk) without special arrangement. Some OS's have system
calls to lock user pages in memory and prevent swapping, and GPG tries
to use them. "Best practice" if you're doing a high security app
involves using special hardware modules to wrap the keys. The
relevant standard is FIPS 140-2, with FIPS-140-3 in preparation:
http://csrc.nist.gov/cryptval/140-2.htm
http://csrc.nist.gov/cryptval/140-3.htm
For most purposes (e.g. some random web service), this stuff is
overkill, though.
More information about the Python-list
mailing list