On Thu, 10 Nov 2005 13:35:00 +0100, yepp wrote: > The Eternal Squire wrote: > >> >> 1) The decrypted modules should only reside in RAM, never in virtual >> memory. Those RAM locations should be rendered inaccessible to Python >> code. > > I'm starting to understand why FOSS developers are said to be productive > above the average: they don't have to mess their brains with stuff like > that.
That's not *quite* true. There are FOSS programs that actually do care about security. For instance, if you are encrypting data, you don't want the memory containing the plaintext to be swapped to your swap partition, where raw disk tools can recover it. But as a general rule, you're right. If you, the developer, don't have to think of your users as the enemy, you'd be amazed the amount of make-work you don't have to do. -- Steven. -- http://mail.python.org/mailman/listinfo/python-list
