On Tue, Jul 9, 2024 at 5:28 AM Ruben Perez via Boost
> * Have you faced this issue before?
> * Do you think this is something we (as Boost authors) should care about, or am I thinking too much?
> * Do you think a library implementing secure string/array/buffer classes would be a valuable addition to Boost?
Such a library would be quite useful, but when I was working at Ripple our investigation concluded that it would be difficult to impossible to implement it portably in a way that could make security guarantees. I would suggest that you do not bother, as you will face many incredibly annoying obstacles at every step of the way which conspire to make your implementation fail in common cases.

P1315 is still making its way through WG21 I believe. Note that this proposal was adopted for C: https://open-std.org/jtc1/sc22/wg21/docs/papers/2019/p1315r3.html

In my opinion a secure erase function which works most of the time but not all of the time is worse than not having it at all, as it may imply false claims about security.

That said, I have asked an expert again for more details, which you can follow here: https://x.com/FalcoVinnie/status/1810654344607633515

Of course, I could be wrong and it is possible that newer operating systems offer robust facilities for ensuring that secrets are not leaked. This would require platform-specific implementation. If there is sufficient support for the popular platforms, it is worth exploring making it into a Boost library.

Thanks
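As an added illustration of the dead-store problem behind this thread (my own example, not code from the thread or from Boost; `secure_clear` and `secure_buffer` are hypothetical names, and the inline-asm barrier assumes GCC or Clang): the volatile writes survive optimization, while the class comment lists what no such type can promise, which is the "works most of the time" gap described above.

```cpp
#include <array>
#include <cstddef>
#include <cstring>
#include <new>
// Overwrite n bytes through a volatile pointer. A plain memset() on memory about to
// go out of scope is a dead store the optimizer may drop; volatile stores must be emitted.
void secure_clear(void* p, std::size_t n) noexcept {
    volatile unsigned char* vp = static_cast<volatile unsigned char*>(p);
    while (n--) *vp++ = 0;
#if defined(__GNUC__) || defined(__clang__)
    __asm__ __volatile__("" : : "r"(p) : "memory");  // keep the stores ordered before later uses of p
#endif
}

// Scrubs itself on destruction; copying is deleted so no unscrubbed duplicate is left
// behind. Registers, spilled temporaries, swap and core dumps remain out of reach.
template <std::size_t N>
class secure_buffer {
public:
    secure_buffer() noexcept { data_.fill(0); }
    ~secure_buffer() { secure_clear(data_.data(), N); }
    secure_buffer(const secure_buffer&) = delete;
    secure_buffer& operator=(const secure_buffer&) = delete;
    unsigned char* data() noexcept { return data_.data(); }
private:
    std::array<unsigned char, N> data_;
};

// Reports whether a region is all zero, ORing every byte with no early exit.
bool all_zero(const unsigned char* p, std::size_t n) noexcept {
    unsigned char acc = 0;
    for (std::size_t i = 0; i < n; ++i) acc |= p[i];
    return acc == 0;
}
bool secure_clear_zeroes() {
    unsigned char buf[64];
    std::memset(buf, 0xAA, sizeof buf);
    secure_clear(buf, sizeof buf);
    return all_zero(buf, sizeof buf);
}
// Place the buffer in caller-owned storage, load a constructed sample secret, run the
// destructor explicitly, then inspect the raw storage, which is still alive.
bool destructor_scrubs_storage() {
    alignas(secure_buffer<32>) unsigned char storage[sizeof(secure_buffer<32>)];
    auto* buf = new (storage) secure_buffer<32>();
    std::memcpy(buf->data(), "hunter2-constructed-sample-key!!", 32);
    buf->~secure_buffer();
    return all_zero(storage, sizeof storage);
}
```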