Hi,

What you could try to do in minimizing the risk of sensitive stuff in memory is forking a separate process that handles the sensitive information and keep that running as short as possible. The memory freed after that process finished may still contain the sensitive information, as pointed out by gmpassos, but if you keep your sensitive information-process running long (as a deamon for instance) it certainly will contain the sensitive information and this will be in memory.

What you could do is have another 'wiper'-process that uses a lot of memory, so the chance of your sensitive information being overwritten becomes very high, something simple like:

#!/usr/bin/perl
while (1) {
        my $aap = "a" x 8192;
        sleep 1;
}
[download]

will allocate at least 8192 bytes filled with 'a' every second (and probably a whole lot because we run perl), at te expense of some CPU and memory (duh). This could be tuned to take into account the current state of total memory usage (make the wiper-process use more if there's a lot of free memory left). I'm not very experienced in the details of memory management, but having a hight turnover in used memory to me seems a good way to decrease the chance of sensitive information still being in memory.

Beware of using too much memory, because that will result in swap-usage and in that case you also have to deal with getting rid of your information if it's in swap memory. Maybe its advisable to not use swap-memory (lots of 'Live-CD' OSses don't use swap), and just add some extra memory to your system.