[or-cvs] r23854: {arm} Removing the only reference arm has to the controller passwo (in arm/trunk: . src)
Damian Johnson
atagar1 at gmail.com
Mon Nov 22 17:51:02 UTC 2010
Author: atagar
Date: 2010-11-22 17:51:02 +0000 (Mon, 22 Nov 2010)
New Revision: 23854
Modified:
arm/trunk/TODO
arm/trunk/src/starter.py
Log:
Removing the only reference arm has to the controller password. Python doesn't have a method to directly free this memory so this is the best we can do to get rid of it.
Modified: arm/trunk/TODO
===================================================================
--- arm/trunk/TODO 2010-11-22 17:41:10 UTC (rev 23853)
+++ arm/trunk/TODO 2010-11-22 17:51:02 UTC (rev 23854)
@@ -37,8 +37,7 @@
- pick apart applications like iftop and pktstat to see how they get
per-connection bandwidth usage. Forum thread discussing it:
https://bbs.archlinux.org/viewtopic.php?pid=715906
- [ ] attempt to clear controller password from memory
- - http://www.codexon.com/posts/clearing-passwords-in-memory-with-python
+ [X] attempt to clear controller password from memory
* release prep
* pylint --indent-string=" " --disable=C,R interface/foo.py | less
* double check __init__.py and README for changes
Modified: arm/trunk/src/starter.py
===================================================================
--- arm/trunk/src/starter.py 2010-11-22 17:41:10 UTC (rev 23853)
+++ arm/trunk/src/starter.py 2010-11-22 17:51:02 UTC (rev 23854)
@@ -254,6 +254,10 @@
conn = TorCtl.TorCtl.connect(controlAddr, controlPort, authPassword)
if conn == None: sys.exit(1)
+ # removing reference so memory can be freed (unfortunately python does allow
+ # for direct access to the memory so this is the best we can do)
+ del authPassword
+
# initializing the connection may require user input (for the password)
# skewing the startup time results so this isn't counted
initTime = time.time() - startTime
More information about the tor-commits
mailing list