From mboxrd@z Thu Jan 1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Chong Yidong
Newsgroups: gmane.emacs.devel
Subject: Re: Fix needed for communication with gpg-agent
Date: Tue, 20 Feb 2007 10:35:29 -0500
Message-ID: <873b50g7um.fsf@stupidchicken.com>
References: <87irdzs6pp.fsf@stupidchicken.com> <87fy91g1pl.fsf@catnip.gol.com>
NNTP-Posting-Host: lo.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Trace: sea.gmane.org 1171985782 28400 80.91.229.12 (20 Feb 2007 15:36:22 GMT)
X-Complaints-To: usenet@sea.gmane.org
NNTP-Posting-Date: Tue, 20 Feb 2007 15:36:22 +0000 (UTC)
Cc: emacs-devel@gnu.org, Miles Bader
To: rms@gnu.org
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Tue Feb 20 16:36:15 2007
Return-path:
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([199.232.76.165]) by lo.gmane.org with esmtp (Exim 4.50) id 1HJX2G-0004ZI-6U for ged-emacs-devel@m.gmane.org; Tue, 20 Feb 2007 16:36:08 +0100
Original-Received: from localhost ([127.0.0.1] helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1HJX2F-0002wv-K4 for ged-emacs-devel@m.gmane.org; Tue, 20 Feb 2007 10:36:07 -0500
Original-Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1HJX1x-0002rb-Bp for emacs-devel@gnu.org; Tue, 20 Feb 2007 10:35:49 -0500
Original-Received: from [199.232.76.173] (helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1HJX1w-0002rD-Ov for emacs-devel@gnu.org; Tue, 20 Feb 2007 10:35:48 -0500
Original-Received: from south-station-annex.mit.edu ([18.72.1.2]) by monty-python.gnu.org with esmtps (TLS-1.0:DHE_RSA_AES_256_CBC_SHA:32) (Exim 4.52) id 1HJX1w-0008Iz-9u; Tue, 20 Feb 2007 10:35:48 -0500
Original-Received: from grand-central-station.mit.edu (GRAND-CENTRAL-STATION.MIT.EDU [18.7.21.82]) by south-station-annex.mit.edu (8.13.6/8.9.2) with ESMTP id l1KFZkqT017251; Tue, 20 Feb 2007 10:35:47 -0500 (EST)
Original-Received: from outgoing-legacy.mit.edu (OUTGOING-LEGACY.MIT.EDU [18.7.22.104]) by grand-central-station.mit.edu (8.13.6/8.9.2) with ESMTP id l1KFZWoJ001313; Tue, 20 Feb 2007 10:35:33 -0500 (EST)
Original-Received: from localhost (SYDNEYPACIFIC-FOUR-FIFTEEN.MIT.EDU [18.95.6.160]) by outgoing-legacy.mit.edu (8.13.6/8.12.4) with ESMTP id l1KFZTVp016823; Tue, 20 Feb 2007 10:35:32 -0500 (EST)
Original-Received: from cyd by localhost with local (Exim 3.36 #1 (Debian)) id 1HJX1d-0000hi-00; Tue, 20 Feb 2007 10:35:29 -0500
In-Reply-To: (Richard Stallman's message of "Tue\, 20 Feb 2007 08\:43\:54 -0500")
User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/22.0.93 (gnu/linux)
X-Scanned-By: MIMEDefang 2.42
X-Spam-Score: -2.599
X-detected-kernel: Solaris 9.1
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Emacs development discussions."
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:66556
Archived-At:

Richard Stallman writes:

> We need to solve this problem one way or another now, because we
> decided to fix a certain security hole by telling users to use
> gpg-agent. We don't need the most elegant possible fix, but we
> need something reasonable to use.

Has anyone ever said that not using gpg-agent causes a security hole (except for you)? The strongest statement I've ever seen is that gpg-agent is highly recommended, since it provides the most secure way of inputting passphrases.

Basically, the worry is that someone could somehow change the Elisp code in your Emacs session so that it records your passphrase as you are entering it. This is a non-zero but minuscule risk. In other words, if you want to be as secure as possible, use X.
Note that if someone is in a position to corrupt your Emacs session, it is only a little more trouble to create and redirect you to a fake version of gpg-agent that will intercept your passphrase anyway. So you are screwed even if you use gpg-agent in X. As Ken Thompson once noted, all security risks are relative.