擦除python中变量使用的ram空间,防止内存转储攻击
[英]Erase ram space used by variable in python, prevent memory dump attack
问题描述
Looking for a verified solution for this problem in python.
在 python 中寻找针对此问题的经过验证的解决方案。
I have code like this:我有这样的代码:
verySensitveData = "secret, big secret"
#useing verySensitveData in code
#not need it any more
del verySensitveData # now variable is unusable in later code
collected = gc.collect() #collected and removed
Now it should be gone from RAM when gc is called.现在当 gc 被调用时它应该从 RAM 中消失。
Does this force OS to erase data on address used by verySensitveData variable automatically with GC?这是否会强制操作系统通过 GC 自动擦除 verySensitveData 变量使用的地址上的数据?
It should be gone for good, no ram memory dump can retrieve data that was in variable verySensitveData?它应该永远消失,没有 ram 内存转储可以检索变量 verySensitveData 中的数据?
1 个解决方案
解决方案1
3 已采纳 2016-01-30 02:28:07
No. gc.collect() only causes Python to check for objects that are referenced but unreachable (eg, where two objects refer to each other, but nothing else does).不。 gc.collect()只会让 Python 检查被引用但无法访问的对象(例如,两个对象相互引用,但没有其他任何事情)。 It does not trigger any sort of memory cleanup.它不会触发任何类型的内存清理。
If making your program resistant to memory dumping is important, Python is not the right language to be writing it in. Python makes very few guarantees about how data will be stored in memory, and it is very likely that any string you process will be copied around in memory in the course of processing it, which may leave partial or complete copies of your string in memory.如果让您的程序抵抗内存转储很重要,那么 Python 不是编写它的正确语言。 Python 很少保证数据将如何存储在内存中,并且很可能您处理的任何字符串都将被复制在处理它的过程中,它可能会在内存中留下部分或完整的字符串副本。 Python may reuse that memory or release it to the OS later, but it will not take any special measures to wipe it. Python 可能会重用该内存或稍后将其释放给操作系统,但它不会采取任何特殊措施来擦除它。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.