Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

proposal: runtime: add SecureErase and MarkSecureEraseOnFinalize functionality #44018

Closed
magicalo opened this issue Jan 30, 2021 · 3 comments
Closed
Labels
FrozenDueToAge Proposal Proposal-Crypto Proposal related to crypto packages or other security issues
Milestone

Comments

@magicalo
Copy link

What version of Go are you using (go version)?

$ go version go1.15.6 linux/amd64

Does this issue reproduce with the latest release?

This is not an issue, but instead a feature request.
While I can write my own SecureErase and SecureEraseOnFinalize, it would be fantastic if the runtime had a method to do this. (I could not find a method call that does the SecureErase part, though I can do it with some of the runtime components like KeepAlive or the Finalize component myself.

What is being requested is to build this into the runtime as a feature. Developers than can erase any sensitive data to reduce the window of opportunity for a memory-dump analysis or a HeatBleed style protocol attack. In other words a way to minimize the time in memory that a sensitive piece of information is available.

What operating system and processor architecture are you using (go env)?

Linux

go env Output
$ go env
GO111MODULE=""
GOARCH="amd64"
GOBIN=""
GOCACHE="/home/./.cache/go-build"
GOENV="/home/./.config/go/env"
GOEXE=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOINSECURE=""
GOMODCACHE="/home/./go/pkg/mod"
GONOPROXY="github..com"
GONOSUMDB="github..com"
GOOS="linux"
GOPATH="/home/./go"
GOPRIVATE="github.com"
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/snap/go/6745"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/snap/go/6745/pkg/tool/linux_amd64"
GCCGO="gccgo"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD="/home/./go.mod"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build851289857=/tmp/go-build -gno-record-gcc-switches"

What did you do?

This is a feature ask.

What did you expect to see?

I would like a runtime.SecureErase(interface{}) and a runtime.MarkSecureEraseAtFinalize(interface{}) method to ensure zero of memory at explicit call-time or zero of memory before GC.

What did you see instead?

I had to write this myself.

@seankhliao seankhliao changed the title Golang Runtime SecureErase or SecureEraseOnFinalize proposal: runtime: add SecureErase or SecureEraseOnFinalize functionality Jan 30, 2021
@gopherbot gopherbot added this to the Proposal milestone Jan 30, 2021
@ALTree
Copy link
Member

ALTree commented Jan 30, 2021

Lengthy discussion about this (including several people even doubting this can actually be implemented in Go) at #21865. I would be tempted to suggest we keep all the discussion in that thread.

@magicalo magicalo changed the title proposal: runtime: add SecureErase or SecureEraseOnFinalize functionality proposal: runtime: add SecureErase and MarkSecureEraseOnFinalize functionality Jan 30, 2021
@ianlancetaylor ianlancetaylor added this to Incoming in Proposals (old) Feb 17, 2021
@ianlancetaylor ianlancetaylor added the Proposal-Crypto Proposal related to crypto packages or other security issues label Feb 17, 2021
@rsc
Copy link
Contributor

rsc commented Feb 17, 2021

Closing as duplicate of #21865.

@rsc rsc moved this from Incoming to Declined in Proposals (old) Feb 17, 2021
@rsc
Copy link
Contributor

rsc commented Feb 17, 2021

No change in consensus, so declined.
— rsc for the proposal review group

Edit: Oops, I need to fix the bot's handling of duplicate issues. Sorry for the confusing message!

@golang golang locked and limited conversation to collaborators Feb 17, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
FrozenDueToAge Proposal Proposal-Crypto Proposal related to crypto packages or other security issues
Projects
No open projects
Development

No branches or pull requests

6 participants