From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Thierry Volpiatto <thierry.volpiatto@gmail.com>
Newsgroups: gmane.emacs.devel
Subject: Re: bug: epg send unencrypted data in trash
Date: Fri, 11 Feb 2011 22:05:09 +0100
Message-ID: <87aai2s2nu.fsf@gmail.com>
References: <87oc6jav1s.fsf@gmail.com> <87k4h6sahe.fsf@gmail.com>
	<87sjvuxs80.fsf@lifelogs.com>
NNTP-Posting-Host: lo.gmane.org
Mime-Version: 1.0
Content-Type: text/plain
X-Trace: dough.gmane.org 1297458715 23459 80.91.229.12 (11 Feb 2011 21:11:55 GMT)
X-Complaints-To: usenet@dough.gmane.org
NNTP-Posting-Date: Fri, 11 Feb 2011 21:11:55 +0000 (UTC)
To: emacs-devel@gnu.org
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Fri Feb 11 22:11:51 2011
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([199.232.76.165])
	by lo.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1Po0HJ-0006tx-NO
	for ged-emacs-devel@m.gmane.org; Fri, 11 Feb 2011 22:11:51 +0100
Original-Received: from localhost ([127.0.0.1]:57327 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43)
	id 1Po0HH-0006U1-8j
	for ged-emacs-devel@m.gmane.org; Fri, 11 Feb 2011 16:11:43 -0500
Original-Received: from [140.186.70.92] (port=48251 helo=eggs.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1Po0BH-00034r-IN
	for emacs-devel@gnu.org; Fri, 11 Feb 2011 16:05:32 -0500
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1Po0BG-0004X9-AG
	for emacs-devel@gnu.org; Fri, 11 Feb 2011 16:05:31 -0500
Original-Received: from lo.gmane.org ([80.91.229.12]:33869)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1Po0BG-0004We-0o
	for emacs-devel@gnu.org; Fri, 11 Feb 2011 16:05:30 -0500
Original-Received: from list by lo.gmane.org with local (Exim 4.69)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1Po0BC-0002sC-Ie
	for emacs-devel@gnu.org; Fri, 11 Feb 2011 22:05:26 +0100
Original-Received: from 131.78.88-79.rev.gaoland.net ([79.88.78.131])
	by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Fri, 11 Feb 2011 22:05:26 +0100
Original-Received: from thierry.volpiatto by 131.78.88-79.rev.gaoland.net with local
	(Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Fri, 11 Feb 2011 22:05:26 +0100
X-Injected-Via-Gmane: http://gmane.org/
Original-Lines: 49
Original-X-Complaints-To: usenet@dough.gmane.org
X-Gmane-NNTP-Posting-Host: 131.78.88-79.rev.gaoland.net
User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.2.93 (gnu/linux)
Cancel-Lock: sha1:W/oYajZSgXt3UVjP6XRQ81PRhc0=
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3)
X-Received-From: 80.91.229.12
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:135911
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/135911>

Ted Zlatanov <tzz@lifelogs.com> writes:

> On Fri, 11 Feb 2011 19:16:13 +0100 Thierry Volpiatto <thierry.volpiatto@gmail.com> wrote: 
>
> TV> Thierry Volpiatto <thierry.volpiatto@gmail.com> writes:
>>> i start using recently delete-by-moving-to-trash.(i had no trash before)
>>> So now when i decrypt a file and read it in emacs, i have an unencrypted
>>> file world readable 'epg-output-xxx' in the trash.
>>> That's bad.
>
> TV> So if one use gnus with a .authinfo.gpg, and use also
> TV> delete-by-moving-to-trash, he will have the bad surprise to find his
> TV> authinfo data in clear text in the trash.
>
> TV> Maybe let-bind delete-by-moving-to-trash in epg-delete-output-file would
> TV> be good.
> TV> It's what i will do here anyway.
>
> TV> (defun epg-delete-output-file (context)
> TV>   "Delete the output file of CONTEXT."
> TV>   (let ((delete-by-moving-to-trash nil))
> TV>     (when (and (epg-context-output-file context)
> TV>              (file-exists-p (epg-context-output-file context)))
> TV>       (delete-file (epg-context-output-file context)))))
>
> TV> With this change, data in clear text will never go to trash.
>
> According to the docs for `delete-file' it shouldn't matter what
> `delete-by-moving-to-trash' says because this is called
> non-interactively (TRASH is nil when delete-file is called
> non-interactively).  Or is this funcall interactive somehow?
I don't know, but actually without delete-by-moving-to-trash let-bound
to nil, non--encrypted data goes to trash.

To reproduce:
Enable delete-by-moving-to-trash
Edit your .authinfo.gpg from dired, then kill buffer.
Go to trash you will see content of your .authinfo in an epg-output-xxx
file.

Same if you open gnus.

If you use delete-by-moving-to-trash maybe you already have
non--encrypted data in your trash.

-- 
A+ Thierry
Get my Gnupg key:
gpg --keyserver pgp.mit.edu --recv-keys 59F29997