[Python-ideas] Secure string disposal (maybe other inmutable seq types too?)
Christian Heimes
christian at python.org
Sat Jun 23 15:28:02 EDT 2018
On 2018-06-23 15:57, Stephan Houben wrote:
> Would it not be much simpler and more secure to just disable core dumps?
>
> /etc/security/limits.conf on Linux.
>
> If the attacker can cause and read a core dump, the game seems over
> anyway since sooner or later he will catch the core dump at a time the
> string was not yet deleted.
That's not sufficient. You'd also need to ensure that the memory page is
never paged to disk or a visible to gdb, ptrace, or any other kind of
debugger. POSIX has mprotect(), but it doesn't necessarily work with
malloc()ed memory and requires mmap() memory.
Christian
More information about the Python-ideas
mailing list