On Wednesday, 4 September 2019 14:46:09 PDT Alexander Ivash wrote: > Is there any mechanism for cleanup sensitive data like passwords etc > from QML? This issue is that gc() doesn't seem to even nullify memory > (at least in release on Windows) so all the sensitive information > stays in memory.
Write in C++ and manage your memory VERY carefully. Remember that memset() before free / delete or going out of scope is removed by the compiler. Don't use new or malloc. Instead, mmap() your chunk of memory yourself and mlock() it properly. Of course, to display such information you need to accept that it is no longer secure. It'll go to QML, then to the text engines, then the pixels will be transferred to the display server or the GPU, etc. -- Thiago Macieira - thiago.macieira (AT) intel.com Software Architect - Intel System Software Products _______________________________________________ Interest mailing list Interest@qt-project.org https://lists.qt-project.org/listinfo/interest
