Re: cleanup of data from memory
From: Hernan de Lahitte (hernan_at_lagash.com)
Date: Wed, 7 Jul 2004 21:09:07 -0300
I just posted a SecureString class (like the Whidbey countrerpart) but for
You will found classes for ProtectedMemory and ProtectedData (wrappers for
the DPAPI functions) as well.
Hope this help.
-- Hernan de Lahitte Lagash Systems S.A. http://weblogs.asp.net/hernandl This posting is provided "AS IS" with no warranties, and confers no rights. "Srini" <Srini@discussions.microsoft.com> wrote in message news:76F4A7F5-7DAC-4EE0-A199-F824C7D5A70B@microsoft.com... > By using all the security APIs and encryption algorithms we are able to encrypt the data. > > What about the following scenario? > > After we encrypt the data we release the BYTE or memory stream or something else without doing anytihng to the memory conatined by them. What if some other process gets that memory later on ond because the un-encrypted(confidential data) > is stil sitting there in that memory that new process has gotten access to our data. Is there a specific procedure that we need to follow(is it the application responsibility to reset the memory contents bofore it releases it)? or does the OS clean/reset the memory before it allocates it to some other process? > > Is there anything in .NET to prevent this from happening. > > Thanks for the help. > Srini >