securely getting the user's password
Chick
anh.hai.trinh at gmail.com
Sun Mar 9 03:42:43 EDT 2008
> But a far bigger security hole is that the password is sitting there in
> your securePass variable in plain text. What are you doing about that?
Precisely why I though to use wipe() that way. The password is there
in plain text as long as it has to and then one call of
securePass.wipe() and its memory is overwritten.
So I guess it is not possible in pure Python to lock the memory from
being swaped?
More information about the Python-list
mailing list