From 71904bf08fc651c704f2b77d21aaa30806013c1e Mon Sep 17 00:00:00 2001 From: Jon Michael Aanes Date: Mon, 8 Jul 2024 00:34:13 +0200 Subject: [PATCH] More elaborate todo --- secret_loader/__init__.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/secret_loader/__init__.py b/secret_loader/__init__.py index 2d42bcc..007a12e 100644 --- a/secret_loader/__init__.py +++ b/secret_loader/__init__.py @@ -27,7 +27,9 @@ Secret loading order: ## TODO -- [ ] Mlock secrets to prevent leakage to swap file. +- [ ] Avoid leakage to swap files. + * Possibly Mlock? [Does not seem to work](https://stackoverflow.com/questions/29524020/prevent-ram-from-paging-to-swap-area-mlock) + * Alternatively use [mmap](https://docs.python.org/3/library/mmap.html) and [memoryview](https://stackoverflow.com/questions/18655648/what-exactly-is-the-point-of-memoryview-in-python)?ยง - [ ] Wrap secrets in intelligent strings: * Instead of returning None on unloaded, return UnknownSecret, that produce error when formatted.