Re: Re: making perl more forgetting

Thanks everybody for answers.

In my case, I don't need each and every scalar wiped out. In fact there is just this one type of data (credit card details) that I wish to handle securely.

Unfortunately, I don't see an option here. There are just too many places where raw data pass until they finaly reach my variables. (I'm using POE, with Wheels and Filters for I/O and credit card details are present in input and output messages in cleartext form (in one case over the IPsec VPN, and in other using UNIX socket to communicate to local process)).

As I see it now, there's not much hope in this case. Only real good kernel level security (eventualy, with secured swap space using loop-aes on Linux or something similar on *BSD), to reduce risks and try to make sure that in case of a break-in the damage will be minimal.

Comment on Re: Re: making perl more forgetting

Replies are listed 'Best First'.
Re: Re: Re: making perl more forgetting by eXile (Priest) on May 17, 2004 at 04:37 UTC
Hi, What you could try to do in minimizing the risk of sensitive stuff in memory is forking a separate process that handles the sensitive information and keep that running as short as possible. The memory freed after that process finished may still contain the sensitive information, as pointed out by gmpassos, but if you keep your sensitive information-process running long (as a deamon for instance) it certainly will contain the sensitive information and this will be in memory. What you could do is have another 'wiper'-process that uses a lot of memory, so the chance of your sensitive information being overwritten becomes very high, something simple like: `#!/usr/bin/perl while (1) { my $aap = "a" x 8192; sleep 1; }` [download] will allocate at least 8192 bytes filled with 'a' every second (and probably a whole lot because we run perl), at te expense of some CPU and memory (duh). This could be tuned to take into account the current state of total memory usage (make the wiper-process use more if there's a lot of free memory left). I'm not very experienced in the details of memory management, but having a hight turnover in used memory to me seems a good way to decrease the chance of sensitive information still being in memory. Beware of using too much memory, because that will result in swap-usage and in that case you also have to deal with getting rid of your information if it's in swap memory. Maybe its advisable to not use swap-memory (lots of 'Live-CD' OSses don't use swap), and just add some extra memory to your system.	[reply] [d/l]

Replies are listed 'Best First'.

Re: Re: Re: making perl more forgetting
by eXile (Priest) on May 17, 2004 at 04:37 UTC

What you could try to do in minimizing the risk of sensitive stuff in memory is forking a separate process that handles the sensitive information and keep that running as short as possible. The memory freed after that process finished may still contain the sensitive information, as pointed out by gmpassos, but if you keep your sensitive information-process running long (as a deamon for instance) it certainly will contain the sensitive information and this will be in memory.

What you could do is have another 'wiper'-process that uses a lot of memory, so the chance of your sensitive information being overwritten becomes very high, something simple like:

#!/usr/bin/perl
while (1) {
        my $aap = "a" x 8192;
        sleep 1;
}
[download]

Beware of using too much memory, because that will result in swap-usage and in that case you also have to deal with getting rid of your information if it's in swap memory. Maybe its advisable to not use swap-memory (lots of 'Live-CD' OSses don't use swap), and just add some extra memory to your system.

[reply]
[d/l]