Fixes #4731 -- update the secure memory wiping docs (#4925)

* Fixes #4731 -- update the secure memory wiping docs

* It's a word!

2 files changed, 13 insertions, 7 deletions

diff --git a/docs/limitations.rst b/docs/limitations.rst
index 6c58262f..5479a155 100644
--- a/docs/limitations.rst
+++ b/docs/limitations.rst
@@ -1,16 +1,21 @@
 Known security limitations
 --------------------------
 
-Lack of secure memory wiping
-============================
+Secure memory wiping
+====================
 
 `Memory wiping`_ is used to protect secret data or key material from attackers
-with access to uninitialized memory. This can be either because the attacker
-has some kind of local user access or because of how other software uses
-uninitialized memory.
+with access to deallocated memory. This is a defense-in-depth measure against
+vulnerabilities that leak application memory.
 
-Python exposes no API for us to implement this reliably and as such almost all
-software in Python is potentially vulnerable to this attack. The
+Many ``cryptography`` APIs which accept ``bytes`` also accept types which
+implement the buffer interface. Thus, users wishing to do so can pass
+``memoryview`` or another mutable type to ``cryptography`` APIs, and overwrite
+the contents once the data is no longer needed.
+
+However, ``cryptography`` does not clear memory by default, as there is no way
+to clear immutable structures such as ``bytes``. As a result, ``cryptography``,
+like almost all software in Python is potentially vulnerable to this attack. The
 `CERT secure coding guidelines`_ assesses this issue as "Severity: medium,
 Likelihood: unlikely, Remediation Cost: expensive to repair" and we do not
 consider this a high risk for most users.
diff --git a/docs/spelling_wordlist.txt b/docs/spelling_wordlist.txt
index 47d37301..6e4675da 100644
--- a/docs/spelling_wordlist.txt
+++ b/docs/spelling_wordlist.txt
@@ -23,6 +23,7 @@ crypto
 cryptographic
 cryptographically
 Debian
+deallocated
 decrypt
 decrypts
 Decrypts