Reputation: 41
gcnew and secure erasure
I have memory that I have to allocate with gcnew (C++, passing the memory to managed code), which will contain secure information (passwords, HIPAA data, etc.). I realize that such memory is garbage collected, and that implies that I don't control when it is deallocated. But that wouldn't be a problem if there was a way to guarantee it got securely wiped before I turn loose of it.
Is there a way to guarantee gcnew'd memory is securely erased? In my particular case, I'm gcnew'ing String objects, but a general approach would be even better.
Upvotes: 0
Views: 64
Answers (1)
Reputation: 156
There isn't an elegant solution to the problem. But, this should be a non-issue/concern if the system running your code is properly secured in accordance to HIPPA.
You may also want to try SecureString instead of String:
Upvotes: 2
Related Questions
- Issue with new/delete with SecureZeroMemory
- Safe Delete in C++
- do we need to create an pointer validation for gcnew
- Is this usage of gcroot safe?
- Clearing memory securely and reallocations
- When should delete be called on a gcnew allocated object?
- Native and managed destructors
- c++/cli using gcnew to create native types
- Using SetWindowText in WIN32 GDI, and securely deleting data typed in
- Deterministic GC in the CLR?