I think this is a leftover from the temporary value, whose data was freed, and is now either in perl's memory pool, or Linux's (?) one. See later on for why tying won't work.

You can probably wrap around perl's own malloc, so that it cleans up, and then have perl use it instead of the system one to get a desired effect. But the data may be paged, and only OpenBSD (afaik) knows to encrypt it's swap. Locking all of perl's data into real memory is not my idea of a fun time. Either way, the GnuPG project has secure memory management if you ask for it at configure time. Perhaps you should take a look at what they've done to their project, and see if you can port it to perl. It'd probably be very slow.

As for a tied interface - the memory pools perl keeps around are (probably) used for stuff like temporary assignments in concatenations, or coercions from string to number, and vice versa. The possibilities are countless. If you don't wipe everything, you're bound to leak some data.

Perhaps you should look into a black box solution instead, that is, write an XS module that stores a sensitive value till a point you define, and provides functionality (like comparison) on that value. Then pass it other values. The XS module will then be responsible for making sure the value is properly destroyed, and due to interface constraints the perl side won't see it.