Search the Community
Showing results for tags 'ram'.
-
I have a question about PHP, and how it stores data in RAM.. As we know, programs on a computer are run in RAM, and so, when I have a PHP script, and I am writing a string to a variable.... or when I am using file_get_contents to read data from a file into PHP... it's going to load it into RAM..... You see.... what I am really asking is a security question.... On Linux, you can run the following command, to get the 1st approx. 1MB of RAM extracted into a file... dd if=/dev/mem | hexdump -C > OUTPUTFILEHERE.txt And so... if I were to run this command, I would get 1MB of data from the RAM, and I'm thinking... this could contain sensitive data from a PHP script, aka passwords.... Like... if I have the following PHP code.... <?php $password = "my_password_here"; ?> .... then.... "my_password_here" might be stored in RAM, and thus, a hacker could extract the password out of RAM, and use it to compromise my security...? And so.....I have 2 quetions.... (1) how does PHP store variables in RAM? (2) if PHP does store it openly, what is the best way of wiping it...? Would over-writing the password variable with some junk.. manage to erase it from RAM..? Or... would I have to use some kind of PHP "flush" command...? Thank you for reading