[erlang-questions] Process state and sensitive information

Jesper Louis Andersen jesper.louis.andersen@REDACTED
Tue Sep 2 13:51:50 CEST 2014


On Tue, Sep 2, 2014 at 12:41 PM, Chris de Villiers <
chrisdevilliers@REDACTED> wrote:

> Any comments?


Given what Ulf wrote, the sensitive flag serves a different purpose: it
protects the administrator and not the user. An admin cannot inadvertently
read credentials because it won't show up on his screen unless he
forcefully bends the system.

Consider if you want to protect against data which is hot in memory. If you
decrypt, how do you make sure the data you decrypted is overwritten
straight away, once you don't need it anymore? This approach is so much
against the Erlang philosophy that it might require a NIF to pull off.


-- 
J.
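
The effect of the sensitive flag discussed above, as an added Erlang example that is not part of the original message: two processes hold the same constructed secrets, and only one sets process_flag(sensitive, true). The module name sensitive_demo, its function names and the secret values are assumptions made for illustration; per the erlang:process_flag/2 documentation, process_info/2 returns empty lists for the message queue and process dictionary of a sensitive process.

```erlang
-module(sensitive_demo).
-export([run/0]).

%% Holder process: optionally marks itself sensitive, stores a constructed
%% secret in its process dictionary, then blocks on a selective receive so
%% that any other message stays in its mailbox.
holder(Sensitive, Parent) ->
    case Sensitive of
        true  -> process_flag(sensitive, true);
        false -> ok
    end,
    put(api_key, <<"constructed-secret">>),
    Parent ! {ready, self()},
    receive stop -> ok end.

%% Start a holder and leave a constructed credential queued in its mailbox.
start(Sensitive) ->
    Parent = self(),
    Pid = spawn(fun() -> holder(Sensitive, Parent) end),
    receive {ready, Pid} -> ok end,
    Pid ! {login, <<"constructed-password">>},
    Pid.

%% What an operator at the shell would see through process_info/2.
inspect(Pid) ->
    {messages, Msgs} = process_info(Pid, messages),
    {dictionary, Dict} = process_info(Pid, dictionary),
    [{messages, Msgs}, {dictionary, Dict}].

%% Returns the operator's view of the plain and the sensitive holder.
run() ->
    Plain = start(false),
    Hidden = start(true),
    Result = [{plain, inspect(Plain)}, {sensitive, inspect(Hidden)}],
    Plain ! stop,
    Hidden ! stop,
    Result.
```

The flag only changes what introspection and tracing show; both holders still keep the binaries on their heaps, so it does nothing for the hot-in-memory concern raised in the second paragraph.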