Home/ Questions/Q 6930019
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-27T11:23:34+00:00

As above really, if I store something (e.g. website session data) in memcached, is

  • 0

As above really, if I store something (e.g. website session data) in memcached, is it possible to remove the data securely so that it would not be evident in a later memory dump?

I assume delete just unassigns the memory rather than wiping it? Could I manually junk the allocated memory by updating the key with random data before deleting it?

Obviously encrypting the data before storing it would be a solution but this also adds a performance overhead.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Check the FAQ. So, if you want to secure your data, because you are in a hostile environment, use SASL authentication. Check it out: SASL

    And make sure no one has access to memcached from the outside!!! Bind it to localhost.

    Excerpt from the manual:

    When do expired cached items get deleted from the cache?

    memcached uses a lazy expiration, which means it uses no extra cpu
    expiring items. When an item is requested (a get request) it checks
    the expiration time to see if the item is still valid before returning
    it to the client.

    Similarly when adding a new item to the cache, if the cache is full,
    it will look at for expired items to replace before replacing the
    least used items in the cache.

    • 0