
I have PHP running as a module under Apache2 on Debian.

When a request comes to Apache, I do some actions with confidential data that is already in server memory. Such data is already overridden and wiped automatically.

On the other hand, and this is the point, as such confidential data is manipulated under a PHP script, and certainly copied into the associated memory space, my concern is to be sure that after the HTTP response ends (and the associated PHP/Apache2 process terminates?), there are absolutely no references or values to the confidential data that persist in memory.

Maybe an efficient way is to cleanup/override frequently (as a cronjob or after a PHP script ends) the entire inactive memory space. Questions:

1) Is there a Unix command or a low-level library to cleanup/override all the inactive memory space?

2) In case there is no PHP process but only an Apache2 process involved, and as Apache2 processes do not necessarily terminate, is there any command or library to cleanup "inactive memory" of an active process?

3) Are there efficient solutions in PHP to cleanup/override memory used before script shutdown?

Thank you

Ktui
  • Very interesting question. I was on the same point some days ago. I look for a good answer too, thanks. – ddlab Feb 01 '15 at 00:41
  • Found a good article about PHP's garbage collection, and how to wipe its content (if I got it right) http://stackoverflow.com/questions/19715048/what-gc-collect-cycles-function-is-useful-for – ddlab Feb 01 '15 at 01:25
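
For question 3, one way to overwrite a secret held in a PHP variable before the script ends, shown as an added example that is not part of the original post. It assumes PHP 7.2 or later with the sodium extension; `with_secret()`, the loader closure and the sample message are hypothetical names and constructed values.

```php
<?php
declare(strict_types=1);

// Added example, not code from the post. Requires ext-sodium (PHP >= 7.2).

/**
 * Load a secret, hand it to $use, then zero the buffer that held it,
 * even when $use throws. with_secret() is a hypothetical helper name.
 */
function with_secret(callable $load, callable $use)
{
    $secret = $load();
    try {
        return $use($secret);
    } finally {
        // Overwrites the string's bytes with zeros and sets $secret to null.
        sodium_memzero($secret);
    }
}

// Constructed sample: 32 random bytes stand in for the confidential data.
$load = function (): string {
    return random_bytes(32);
};

$tag = with_secret($load, function (string $key): string {
    // Use the secret directly; avoid concatenating or logging it,
    // because every derived string is another copy that is not wiped.
    return hash_hmac('sha256', 'constructed message', $key);
});

echo $tag, PHP_EOL;
```

This clears only the one buffer held in `$secret`. Copies made elsewhere (request superglobals, concatenation results, values kept in other variables) and memory that PHP or Apache has already freed are not touched by it.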

1 Answer


I think this answer on the security site is somewhat related about memory storage: https://security.stackexchange.com/questions/29019/are-passwords-stored-in-memory-safe

In my opinion, it isn't worth putting effort into. If a user has access to the memory the script was using, then a user probably has access to the script itself and therefore can insert any code they want to circumvent any measures you put in place. That would also be much easier than scraping the memory for data. Lock down the operating system the best you can, assuming you manage the OS.

Devon Bessemer