安全删除内存中的密码(Python) [英] Securely Erasing Password in Memory (Python)

问题描述

如何将用户输入的密码存储在内存中，并在不再需要密码后将其安全擦除?

How do you store a password entered by the user in memory and erase it securely after it is no longer need?

为了详细说明，目前我们有以下代码:

To elaborate, currently we have the following code:

username = raw_input('User name: ')
password = getpass.getpass()
mail = imaplib.IMAP4(MAIL_HOST)
mail.login(username, password)

调用login方法后，我们该怎么办才能用乱码填充包含密码的内存区域，以使某人无法通过执行核心转储来恢复密码?

After calling the login method, what do we need to do to fill the area of memory that contains password with garbled characters so that someone cannot recover the password by doing a core dump?

有一个类似的问题，但是在Java中，解决方案使用字符数组: 如何在其中安全存储哈希密码内存，在创建帐户时?

There is a similar question, however it is in Java and the solution uses character arrays: How does one store password hashes securely in memory, when creating accounts?

这可以用Python完成吗?

Can this be done in Python?

推荐答案

Python对内存的控制程度不那么低.接受它，继续前进.您可以做的最好的是在调用mail.login之后进入del password，这样就不会保留对密码字符串对象的引用.任何声称能够做得更多的解决方案，只会给您一种错误的安全感.

Python doesn't have that low of a level of control over memory. Accept it, and move on. The best you can do is to del password after calling mail.login so that no references to the password string object remain. Any solution that purports to be able to do more than that is only giving you a false sense of security.

Python字符串对象是不可变的；创建字符串后，没有直接的方法来更改它的内容. 即使您能够以某种方式覆盖password所引用的字符串的内容(从技术上来说，这是愚蠢的ctypes技巧所可能实现的)，仍然会有其他密码副本被创建在各种字符串操作中:

Python string objects are immutable; there's no direct way to change the contents of a string after it is created. Even if you were able to somehow overwrite the contents of the string referred to by password (which is technically possible with stupid ctypes tricks), there would still be other copies of the password that have been created in various string operations:

• 由getpass模块在将尾随的换行符从输入的密码中删除时
由imaplib模块在引用密码时由
• 发出，然后创建完整的IMAP命令，然后再将其传递给套接字.

• by the getpass module when it strips the trailing newline off of the inputted password
• by the imaplib module when it quotes the password and then creates the complete IMAP command before passing it off to the socket

您将不得不以某种方式获取所有这些字符串的引用，并覆盖它们的内存.

You would somehow have to get references to all of those strings and overwrite their memory as well.

这篇关于安全删除内存中的密码(Python)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！