On 6/22/2018 8:45 PM, Chris Angelico wrote:
Would it suffice to flag the string as "this contains sensitive data, please overwrite its buffer when it gets deallocated"? The only difference, in your example, would be that the last print would show the original data, and the wipe would happen afterwards. Advantages of this approach include that getpass can automatically flag the string as sensitive, and the "sensitive" flag can infect other strings (so <<pwd + "x">> would be automatically flagged to be wiped). Downside: You can't say "I'm done with this string, destroy it immediately".
But one can be careful about creating references, and in current CPython, deleting the last reference does mean destroy, and possibly wipe, immediately.
-- Terry Jan Reedy _______________________________________________ Python-ideas mailing list Python-ideas@python.org https://mail.python.org/mailman/listinfo/python-ideas Code of Conduct: http://python.org/psf/codeofconduct/