On Sun, Mar 15, 2009 at 7:22 PM, Philipp Klaus Krause <[email protected]> wrote:
> Geoffrey Irving wrote:
>> A thought that occurred to me after the discussion of array
>> initialization: allowing user access to uninitialized memory opens a
>> security hole. It would become possible to read passwords or other
>> sensitive data out of the "uninitialized" memory, which would rule out
>> the use of BitC for intraprocess access control setups. I think this
>> is more than enough to kill the idea of an uninitialized allocation
>> primitive.
>>
>> Geoffrey
>
> Since you want the zeroing done for security reasons: Wouldn't it make
> much more sense to zero upon deallocation?

That isn't feasible in a garbage collected language with no finalizers. Memory in a fully garbage collected language isn't so much deallocated as forgotten: once all pointers to a block disappear it's impossible to know whether the memory is in order to zero it.

Geoffrey
