On 27-01-2012 15:55, Piotr Szturmaj wrote:
We need a solution to store confidential data like encryption keys or
passwords securely.
For example .NET has SecureString
(http://msdn.microsoft.com/en-us/library/system.security.securestring.aspx).
At bare minimum program must be able to mark memory regions as non
pageable, so private data will not be paged to disk.
On Windows there is VirtualLock/VirtualUnlock
(http://msdn.microsoft.com/en-us/library/windows/desktop/aa366895%28v=vs.85%29.aspx).
On *nixes there is mlock/munlock (http://linux.die.net/man/2/mlock).
Also, regions marked as secure must be zeroed after deallocation.
Should we make something like secure allocator in Phobos?
This can probably be included in Andrei's allocator design.
- Alex
