For a webserver or other similar server, having a stringtype that does not appear in backtraces is very useful. It would save a lot of special code in roxen, designed to filter out passwords, as an example.
/ Per Hedbor ()
Previous text:
2003-01-29 09:05: Subject: Re: OpenSSL wrapper vs Pike's SSL (Was: Bz2)
And I feel it's not worth the effort to try to do anything fancy with "secure deletion", mlock etc.
mlock is pretty useless as it only works for root, and one don't want to encourage people to run their processes as root "for security reasons". (I'm sure not everybody agrees with that).
Clearing strings and other memory when they're deallocated is reasonable, if you want to pay the extra cycles. Only question is how configurable that should be. A flag to make a particular string not appear in backtraces (or more generally, by sprintf("%O", s)) seems a little obscure, but it might be useful. Anything more complex than that? I don't think that's a good idea.
/ Niels Möller ()