This software provides a secure pipeline for concealing confidential information.
The module uses a trick created by Bennet Yee to hide secrets from prying eyes by using the kernel's buffer pool. However, given the commonality of remote root exploits, this may not provide complete peace of mind. It does, however, work well as a short-term solution on a shared machine.
The pipe trick is a viable solution for long-running processes that require infrequent password usage, such as mail checkers, and will squirrel away the password in the kernel's memory address space for later retrieval.
Unfortunately, the lack of a feature in Perl that guarantees the secure erasure of string contents mars what could be a very useful module. Without this feature, an attacker with the ability to make your process dump core could potentially win. The module could benefit greatly from a rewrite in XS and the addition of a primitive function to securely zero the contents of a string.
Overall, Flail::SecretPipe does its job, but improvements are necessary to make it a recommended pick in the world of security software.
Version 0.2.5: N/A