Reputation: 133
Security of data in memory (Python)
I have an application that uses sensitive information (passwords). As the password is kept on memory (a variable) I wonder if an attacker could read the information stored in the memory. Does python ensure that the variables cannot be read by other software running on the same machine? If not, how can any app that handles passwords be safe if at some point the passwords need to be in memory to be checked? One can go ahead and encrypt the data but still, at some point, it will be in memory. More important, the password must be entered, for instance, using an input box, how these risk can be avoided?
Upvotes: 3
Views: 1247
Answers (1)
Reputation: 1645
Two processes can't share memory (unless one has been forked from the other, then it will have copy-on-write access). This is handled by the kernal. A process that tries to access another processes memory should revive a segFault.
This question is not exactly a duplicate but this post may have the answers you are looking for.
Upvotes: 1
Related Questions
- Is Python memory-safe?
- Proper data encryption with a user-set password in python3
- Securely Erasing Password in Memory (Python)
- Safely handling passwords in Python?
- Python's safest method to store and retrieve passwords from a database
- Storing passwords with python
- Is it dangerous to store a password in a variable?
- Python, remove password from memory
- How to safely store sensitive data?
- Prevent a plain text password in RAM (Python)