subject:"\[issue17405\] Add _Py_memset_s\(\) to securely clear memory"

[issue17405] Add _Py_memset_s() to securely clear memory

2021-10-20 Thread Christian Heimes

Christian Heimes added the comment: There haven't been any activity on this feature request for eight years. I'm no longer interested to implement my feature request. Closing... -- resolution: -> rejected stage: patch review -> resolved status: open -> closed

[issue17405] Add _Py_memset_s() to securely clear memory

2016-09-24 Thread Christian Heimes

Changes by Christian Heimes : -- priority: normal -> low versions: +Python 3.7 -Python 3.5 ___ Python tracker ___

[issue17405] Add _Py_memset_s() to securely clear memory

2016-06-12 Thread Christian Heimes

Changes by Christian Heimes : -- assignee: christian.heimes -> ___ Python tracker ___ ___

[issue17405] Add _Py_memset_s() to securely clear memory

2013-11-17 Thread Christian Heimes

Christian Heimes added the comment: I don't have enough time to work in this issue before 3.4 beta1. -- versions: +Python 3.5 -Python 3.4 ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17405

[issue17405] Add _Py_memset_s() to securely clear memory

2013-10-31 Thread STINNER Victor

Changes by STINNER Victor victor.stin...@gmail.com: -- nosy: +haypo ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17405 ___ ___ Python-bugs-list

[issue17405] Add _Py_memset_s() to securely clear memory

2013-10-31 Thread Antoine Pitrou

Antoine Pitrou added the comment: I think I still don't understand the use case within Python. Why would you want to clear the internal state of a hash object? If you can read the computer's memory, you probably have access to sensitive data already? --

[issue17405] Add _Py_memset_s() to securely clear memory

2013-10-31 Thread STINNER Victor

STINNER Victor added the comment: Some comments: - I don't have small files which just contain one function. Do you expect that we may add other security-related functions? You may add a pysecurity.c file. (It's maybe a stupid idea.) - Why only a few hash functions (sha1, sha3)? We must use

[issue17405] Add _Py_memset_s() to securely clear memory

2013-06-16 Thread Christian Heimes

Christian Heimes added the comment: I finally figured out why _Py_memset_s() wasn't available inside extension modules. The linker removes object files from the main binary unless one or more symbols from an object files are referenced somewhere. Objects/object.c has a workaround for

[issue17405] Add _Py_memset_s() to securely clear memory

2013-03-13 Thread Christian Heimes

Christian Heimes added the comment: Here is a patch that implements _Py_memset_s() according to C11 with a fallback to memset_s(). My linker fu seems to be weak. I had to use _Py_memset_s() in random.c otherwise the function is removed from the static Python binary. I double-checked with

[issue17405] Add _Py_memset_s() to securely clear memory

2013-03-13 Thread Antoine Pitrou

Antoine Pitrou added the comment: Right now I don't really see the point of this. The randomized hash is not cryptographically secure, so this sounds like premature securization to me. -- nosy: +pitrou ___ Python tracker rep...@bugs.python.org

[issue17405] Add _Py_memset_s() to securely clear memory

2013-03-12 Thread Christian Heimes

New submission from Christian Heimes: Compilers like GCC optimize away code like memset(var, 0, sizeof(var)) if the code occurs at the end of a function and var is not used anymore [1]. But security relevant code like hash and encryption use this to overwrite sensitive data with zeros. The

[issue17405] Add _Py_memset_s() to securely clear memory

2013-03-12 Thread Benjamin Peterson

Benjamin Peterson added the comment: Even if you get the memset to actually run, that's hardly sufficient for security. The OS can could have swapped it to disk. -- nosy: +benjamin.peterson ___ Python tracker rep...@bugs.python.org

[issue17405] Add _Py_memset_s() to securely clear memory

2013-03-12 Thread Christian Heimes

Christian Heimes added the comment: mlock() can prevent swapping but it may need extra capabilities. A working memset_s() removes critical information from core dumps at least. If we don't want to add _Py_memset_s() then I'm going to remove the dysfunctional clearstate macro from my sha3

[issue17405] Add _Py_memset_s() to securely clear memory

2013-03-12 Thread Benjamin Peterson

Benjamin Peterson added the comment: I'm not saying don't add it, just that you can't really win in the securely deleting data game unless you have special hardware. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17405

[issue17405] Add _Py_memset_s() to securely clear memory

2013-03-12 Thread Gregory P. Smith

Gregory P. Smith added the comment: I'd personally say don't bother with this. Let people who _need_ this use their own C extension modules to handle all secure data as we're not in a position to make and test any guarantees about what happens to data anywhere within a Python VM. If this is

[issue17405] Add _Py_memset_s() to securely clear memory

[issue17405] Add _Py_memset_s() to securely clear memory

[issue17405] Add _Py_memset_s() to securely clear memory

[issue17405] Add _Py_memset_s() to securely clear memory

[issue17405] Add _Py_memset_s() to securely clear memory

[issue17405] Add _Py_memset_s() to securely clear memory

[issue17405] Add _Py_memset_s() to securely clear memory

[issue17405] Add _Py_memset_s() to securely clear memory

[issue17405] Add _Py_memset_s() to securely clear memory

[issue17405] Add _Py_memset_s() to securely clear memory

[issue17405] Add _Py_memset_s() to securely clear memory

[issue17405] Add _Py_memset_s() to securely clear memory

[issue17405] Add _Py_memset_s() to securely clear memory

[issue17405] Add _Py_memset_s() to securely clear memory

[issue17405] Add _Py_memset_s() to securely clear memory

15 matches

Site Navigation

Mail list logo

Footer information