Data.ByteString.Unsafe.unsafeWipe

David Feuer david.feuer at gmail.com
Mon Jan 12 04:02:05 UTC 2015 

In fact, it looks like Michael Snoyman has done some work on this
already: https://www.fpcomplete.com/user/chad/snippets/random-code-snippets/mutable-bytestring
 Perhaps he could be convinced to finish/release it.

David

On Sun, Jan 11, 2015 at 10:48 PM, David Feuer <david.feuer at gmail.com> wrote:
> -1. Breaking referential transparency is completely unnecessary here.
> The correct way to accomplish this, I believe, is to add a mutable
> ByteString interface, and then a SecureByteString module wrapping it
> and actually making the promises you want.
>
> On Sun, Jan 11, 2015 at 10:42 PM, Erik de Castro Lopo
> <mle+hs at mega-nerd.com> wrote:
>> Discussion period: one month
>>
>> When handling sensitive information (like a user's password) it is
>> desirable to only keep the data around for as short a time as possible.
>> Specifically, relying on the garbage collector to clean it up is simply
>> not good enough.
>>
>> I therefore propose that the following function to be added to the
>> Data.ByteString.Unsafe module:
>>
>>     -- | Overwrites the contents of a ByteString with \0 bytes.
>>     unsafeWipe :: ByteString -> IO ()
>>     unsafeWipe bs =
>>         BS.unsafeUseAsCStringLen bs $ \(ptr, len) ->
>>             let go i
>>                     | i < 0 = return ()
>>                     | otherwise = pokeElemOff ptr i 0 >> go (i - 1)
>>             in go (len - 1)
>>
>> It is added to the Unsafe module because it break referential transparency
>> but since ByteStrings are always kept in pinned memory, it should not
>> otherwise be considered unsafe.
>>
>> It could be used as follows:
>>
>>     main = do
>>         passwd <- getPassword
>>         doSomethingWith passwd
>>         unsafeWipe passwd
>>         restOfProgram
>>
>>
>> Cheers,
>> Erik
>> --
>> ----------------------------------------------------------------------
>> Erik de Castro Lopo
>> http://www.mega-nerd.com/
>> _______________________________________________
>> Libraries mailing list
>> Libraries at haskell.org
>> http://www.haskell.org/mailman/listinfo/libraries

More information about the Libraries mailing list