Re: making perl more forgetting

Of course, in your case, $c is still holding carangaBoomBANG!, so your grep will still find it.

And there are also many other ways in which a value can be copied around, for example, when the memory for the string part of a scalar has to be reallocated in a different region, the old, now unused memory is not cleared in any way.

In short, I don't see much hope for you to erase "sensitive" data from memory within Perl unless you can confine the handling to very short places and control every step of handling.

Personally, I would rely on the security features of the OS, especially that only the superuser (if at all) has read rights to /dev/mem, and no other script is run as the current user which could peek the sensitive data from memory.

Comment on Re: making perl more forgetting

Replies are listed 'Best First'.
Re: Re: making perl more forgetting by ddzeko (Acolyte) on May 16, 2004 at 18:38 UTC
Contents of $c were found as expected. But, take a look at this (grep output): `charangaBoomBANG! D-charangaBoomBANG! D-xxxxxxxxBoomBANG!` [download] It looks like substr() operation duped $d string and served me another instance with copy of my old data. That was my second try after assigning an empty string '' gave similar result (preserved secret "D-...BANG!") My all hopes are now towards vec() function and I'll give it a try right away! Cherio!	[reply] [d/l]

Replies are listed 'Best First'.

Re: Re: making perl more forgetting
by ddzeko (Acolyte) on May 16, 2004 at 18:38 UTC

Contents of $c were found as expected. But, take a look at this (grep output):

   charangaBoomBANG!
   D-charangaBoomBANG!
   D-xxxxxxxxBoomBANG!
[download]

It looks like substr() operation duped $d string and served me another instance with copy of my old data.

That was my second try after assigning an empty string '' gave similar result (preserved secret "D-...BANG!")

My all hopes are now towards vec() function and I'll give it a try right away!

Cherio!

[reply]
[d/l]