securely getting the user's password
Chick
anh.hai.trinh at gmail.com
Sat Mar 8 21:50:30 EST 2008
Hello,
I'm writing a security tool which requies wiping off the memory of
certain string after being used, which I've done by implementing it as
a mutable list as follow:
class secureStr:
def __init__(self, str):
self.__s = []
for i in range(len(str)):
self.s += str[i]
def __str__(self):
return "".join(self.__s)
def wipe(self):
for i in range(len(self.__s)):
self.s[i] = '\x00'
def __del__(self):
self.wipe()
My question is how do I write a function to securely get the password
from user (in text mode)? If I do sth like
import getpass
securePass = secureStr(getpass,getpass())
doesn't that create an immediate string object that will stay in
memory?
More information about the Python-list
mailing list