Mark data as sensitive in python

后端未结

关注

 5  2058

[愿得一人] 2020-11-29 05:57

I need to store a user\'s password for a short period of time in memory. How can I do so yet not have such information accidentally disclosed in coredumps or tracebacks? Is

5条回答

执笔经年 (楼主)

2020-11-29 06:29

based on culix's answer: the following works with Linux 64-bit architecture.
Tested on Debian based systems.

import sys 
import ctypes

def nuke(var_to_nuke):
    strlen = len(var_to_nuke)
    offset = sys.getsizeof(var_to_nuke) - strlen - 1
    ctypes.memset(id(var_to_nuke) + offset, 0, strlen)
    del var_to_nuke               # derefrencing the pointer.

0 讨论(0)

查看其它5个回答