From: Ihor Radchenko <yantar92@posteo.net>
To: Jens Schmidt <jschmidt4gnu@vodafonemail.de>
Cc: emacs-devel@gnu.org
Subject: Re: Storing sensitive data indefinitely in variables or buffers: Whether and how to fix?
Date: Wed, 31 May 2023 08:02:53 +0000 [thread overview]
Message-ID: <87fs7dnd1u.fsf@localhost> (raw)
In-Reply-To: <bf0942aa-fd27-bec4-13cd-ec115a622b97@vodafonemail.de>
Jens Schmidt <jschmidt4gnu@vodafonemail.de> writes:
> plstore.el stores clear-text sensitive data in a number of places in a
> running emacs without automatically expiring it as, for example,
> password-cache does.
To add on the issue, we had a somewhat similar problem related to
org-persist library that stores cached data.
https://list.orgmode.org/orgmode/CAM9ALR8fuSu0YWS1SehRw7sYxprJFX-r2juXd_DgvCYVKQc95Q@mail.gmail.com/
Within that thread, a concern have been raised about storing data
related to files from encrypted file system. Even the file names (for
example, stored by recentf) from encrypted FS may be considered
sensitive if they are stored as plain text.
I have considered two approaches there:
1. Expiry, when the data may persist within Emacs session, but is never
written on disk.
2. Encrypting the stored data (similar to .authinfo.gpg)
> 1. As usually, fixing these decreases convenience. Is that OK?
IMHO, at least some people are extremely sensitive about storing
sensitive data in plain text. I'd say that it is better to avoid storing
sensitive data in plain text by default. Possibly, with a toggle to
enable such risky storage for users who know what they are doing.
--
Ihor Radchenko // yantar92,
Org mode contributor,
Learn more about Org mode at <https://orgmode.org/>.
Support Org development at <https://liberapay.com/org-mode>,
or support my work at <https://liberapay.com/yantar92>
next prev parent reply other threads:[~2023-05-31 8:02 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-05-30 21:25 Storing sensitive data indefinitely in variables or buffers: Whether and how to fix? Jens Schmidt
2023-05-31 8:02 ` Ihor Radchenko [this message]
2023-05-31 16:39 ` Adam Porter
2023-05-31 18:17 ` tomas
2023-06-01 6:34 ` Ihor Radchenko
2023-06-01 6:51 ` tomas
2023-06-01 7:11 ` Ihor Radchenko
2023-05-31 19:05 ` Eli Zaretskii
2023-06-01 6:48 ` Ihor Radchenko
2023-06-01 7:11 ` Eli Zaretskii
2023-06-01 7:29 ` Ihor Radchenko
2023-06-01 7:33 ` Eli Zaretskii
2023-06-01 7:34 ` tomas
2023-05-31 19:37 ` Jens Schmidt
2023-06-01 6:42 ` Ihor Radchenko
2023-06-01 20:10 ` Jens Schmidt
2023-06-01 20:47 ` Adam Porter
2023-06-02 6:30 ` Eli Zaretskii
2023-06-04 23:47 ` Adam Porter
2023-06-05 2:31 ` Eli Zaretskii
2023-05-31 12:56 ` Eli Zaretskii
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87fs7dnd1u.fsf@localhost \
--to=yantar92@posteo.net \
--cc=emacs-devel@gnu.org \
--cc=jschmidt4gnu@vodafonemail.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).