Erasing passwords from ram?

Dukc ajieskola at gmail.com
Tue May 7 08:50:01 UTC 2019


On Monday, 6 May 2019 at 17:57:55 UTC, Cym13 wrote:
> So what I'm trying to say is that, given your threat model, it 
> does not seem relevant to protect against memory disclosure 
> specifically: you want to protect against the larger and more 
> common threat of memory corruptions and that happens to cover 
> your current threat model.

Yes, I agree. So most important things are to keep boundscheck 
on, no plaintext passwords on hard disk and a restarter process 
separate from worker process. And no needless secrets on the 
server to protect in the first place, of course.

> Unless what you want to protect is very very sensitive erasing 
> passwords from memory would most likely be wasted time. But 
> that's something that only you can assess.

I assess that it's extra that won't hurt if I can easily do it 
and are in mood to, but I should not be pushing other work or 
kicking myself to implement it. Thanks for the analysis.


More information about the Digitalmars-d-learn mailing list