pitrou commented on code in PR #47339:
URL: https://github.com/apache/arrow/pull/47339#discussion_r2285312833


##########
python/pyarrow/_parquet_encryption.pyx:
##########
@@ -300,20 +306,29 @@ cdef class KmsConnectionConfig(_Weakrefable):
 
 # Callback definitions for CPyKmsClientVtable
 cdef void _cb_wrap_key(
-        handler, const c_string& key_bytes,
+        handler, const CSecureString& key,
         const c_string& master_key_identifier, c_string* out) except *:
+    cdef:
+        cpp_string_view view = key.as_view()
+    key_bytes = PyObject_to_object(
+        PyBytes_FromStringAndSizeNative(view.data(), view.size()))
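
Review bot: The `PyBytes_FromStringAndSizeNative(view.data(), view.size())` call added to `_cb_wrap_key` copies the key out of the `CSecureString` into an immutable Python `bytes` object, and nothing in this hunk can clear that copy once the handler returns, so the secure-string handling stops at this boundary. A short comment above the `cdef:` block saying that the copy is deliberate and is not wiped would keep later readers from assuming `key_bytes` is covered, and the docs for the Python-side wrap-key handler could state that it receives the key as plain `bytes` and should not keep a reference to it longer than needed.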

Review Comment:
   Ok, even the `cryptography` package doesn't do anything about it, so we may just have to live with it:
   https://cryptography.io/en/latest/limitations/#secure-memory-wiping

   > However, `cryptography` does not clear memory by default, as there is no way to clear immutable structures such as bytes. As a result, `cryptography`, like almost all software in Python is potentially vulnerable to this attack. The [CERT secure coding guidelines](https://wiki.sei.cmu.edu/confluence/display/c/MEM03-C.+Clear+sensitive+information+stored+in+reusable+resources) assesses this issue as “Severity: medium, Likelihood: unlikely, Remediation Cost: expensive to repair” and we do not consider this a high risk for most users.
   


