On 7/5/2014 11:45 PM, Nick Sabalausky wrote:
The idea behind the auto-zeroing Password type in DAuth: you do your best to give it [hopefully] the one and only copy of the plaintext password data, in mutable form, and DAuth nukes it from memory as soon as it's able to. Not if/when GC kicks in, sweeps it, and reuses it. And not just a copy of the data, but the actual [hopefully] original buffer. Any further attempts (deliberate or accidental) to read that data through any other reference will only receive zeros.
It's an interesting possible application for a 'unique' reference type.
