proposal: securely wipe sensitive data from memory #18645
Labels
Comments
|
To really securely store and wipe memory, you need to mlock the page
into memory so that it won't go into swap before storing into it. Clearing
it is actually the easy part of this.
Because you can't mlock a Go variable allocated from heap, you will
have to manage your own memory with mmap.
Why not write a go-gettable package for this to see how it goes? It's
certainly non-trivial as one might expect (esp. because one has to
manage the memory used to store sensitive material manually).
|
mdempsky
changed the title
|
This isn't so much of a proposal as it is a wishlist item. The Go proposal process is not about asking others to do design & implementation work. I'm going to close this until there's an actual design proposal. As @minux says, there are OS-specific things like mlock that would be necessary, and anything Go offers would be need to be done portably and available on all operating systems. I'd prefer to see it done as an external library first, before brought into the Go core, especially since nobody working on the Go core has time for this at the moment. If you would like to work on this, though, please re-open and provide a bit more of a proposal. |
|
This library seems to the job. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
This is a follow-up of https://groups.google.com/forum/#!topic/golang-nuts/sKQtvluD_So (from early 2013).
It would be nice to somehow wipe sensitive data from memory (e.g. a password/key, once it is no longer required). Is this idea already ruled-out? It looks like
Cipher.Reset()was removed, as it couldn't guarantee to remove a key from memory.The text was updated successfully, but these errors were encountered: