On Sat, Jun 23, 2018 at 2:00 PM, Terry Reedy <tjre...@udel.edu> wrote: > On 6/22/2018 8:45 PM, Chris Angelico wrote: > >> Would it suffice to flag the string as "this contains sensitive data, >> please overwrite its buffer when it gets deallocated"? The only >> difference, in your example, would be that the last print would show >> the original data, and the wipe would happen afterwards. Advantages of >> this approach include that getpass can automatically flag the string >> as sensitive, and the "sensitive" flag can infect other strings (so >> <<pwd + "x">> would be automatically flagged to be wiped). Downside: >> You can't say "I'm done with this string, destroy it immediately". > > > But one can be careful about creating references, and in current CPython, > deleting the last reference does mean destroy, and possibly wipe, > immediately. >
Yes, you can, for the most part. It's certainly possible to get stung (eg exceptions retaining locals), but mostly it should be fine. How will other Pythons handle this? ChrisA _______________________________________________ Python-ideas mailing list Python-ideas@python.org https://mail.python.org/mailman/listinfo/python-ideas Code of Conduct: http://python.org/psf/codeofconduct/
