Here's one idea: on linux we could use /proc/*/maps and scan the memory for occurrences of the target string. We should find exactly 1. Then do mem.secureZero, and then scan again, and we should find 0 occurrences. The magic string should probably be generated with an RNG (but it can be deterministic) so that it does not appear in the .data section.
Also before closing this issue, the language reference should have some kind of memory model specified so that the language guarantees that in this use case the memory is not saved somewhere, for example because of runtime safety features, or an optimization. A programmer should be able to be confident that in-memory data is destroyed.
Here's one idea: on linux we could use
/proc/*/mapsand scan the memory for occurrences of the target string. We should find exactly 1. Then domem.secureZero, and then scan again, and we should find 0 occurrences. The magic string should probably be generated with an RNG (but it can be deterministic) so that it does not appear in the.datasection.Also before closing this issue, the language reference should have some kind of memory model specified so that the language guarantees that in this use case the memory is not saved somewhere, for example because of runtime safety features, or an optimization. A programmer should be able to be confident that in-memory data is destroyed.