comment on

Except for the possibility of somebody breaking in and gaining root privileges I do not fear of (legitimate) root users stealing confidential data. I'm just concerned with the lack of possibility to overwrite string of characters to remove it's contents from memory and make my program more secure.

This program is running as daemon and since it's pretty stable (POE rocks) and does not leak memory it does not get restarted too often. It's the fact that it leaves the trail of it's confidential parameters in memory and that I cannot do anything about it that worries me.

Can I file it as a bug report? :)

Having wipe() in Perl would fix my problem and greatly improved Perl's useability in security related applications. Or having some keyword that would mark variable wipeable by the GC when the data is being released.

I'm looking forward to write userspace filesystem drivers in Linux using Perl, but I would not approach such thing without having means to destroy unwanted confidential data.

In reply to Re: making perl more forgetting by ddzeko
in thread making perl more forgetting by ddzeko

Are you posting in the right place? Check out Where do I post X? to know for sure.
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>
Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
Want more info? How to link or How to display code and escape characters are good places to start.


There's more than one way to do things
	PerlMonks