I think this is a leftover from the temporary value, whose data was freed, and is now either in perl's memory pool, or Linux's (?) one. See later on for why tying won't work.

You can probably wrap around perl's own malloc, so that it cleans up, and then have perl use it instead of the system one to get a desired effect. But the data may be paged, and only OpenBSD (afaik) knows to encrypt it's swap. Locking all of perl's data into real memory is not my idea of a fun time. Either way, the GnuPG project has secure memory management if you ask for it at configure time. Perhaps you should take a look at what they've done to their project, and see if you can port it to perl. It'd probably be very slow.

As for a tied interface - the memory pools perl keeps around are (probably) used for stuff like temporary assignments in concatenations, or coercions from string to number, and vice versa. The possibilities are countless. If you don't wipe everything, you're bound to leak some data.

Perhaps you should look into a black box solution instead, that is, write an XS module that stores a sensitive value till a point you define, and provides functionality (like comparison) on that value. Then pass it other values. The XS module will then be responsible for making sure the value is properly destroyed, and due to interface constraints the perl side won't see it.

-nuffin
zz zZ Z Z #!perl

In reply to Re: making perl more forgetting by nothingmuch
in thread making perl more forgetting by ddzeko

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.