From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: "Stephen J. Turnbull" <stephen@xemacs.org>
Newsgroups: gmane.emacs.devel
Subject: Re: lexbind: how to replace lexical-let approach to hide secrets
Date: Fri, 01 Apr 2011 10:31:01 +0900
Message-ID: <87hbaivju2.fsf@uwakimon.sk.tsukuba.ac.jp>
References: <jwvbp0t61xm.fsf-monnier+emacs@gnu.org>
	<4D926EA9.5080509@gmail.com>
	<jwvsju55sqs.fsf-monnier+emacs@gnu.org> <4D92AD2B.40502@gmail.com>
	<AANLkTinSARJP8ofq3bqQvKXr9q_Qr7amW=D66hVbPQ0a@mail.gmail.com>
	<87lizwd9lt.fsf_-_@lifelogs.com>
	<jwvbp0s8gdt.fsf-monnier+emacs@gnu.org>
	<87ei5n8ffi.fsf@lifelogs.com>
NNTP-Posting-Host: lo.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Trace: dough.gmane.org 1301622180 8706 80.91.229.12 (1 Apr 2011 01:43:00 GMT)
X-Complaints-To: usenet@dough.gmane.org
NNTP-Posting-Date: Fri, 1 Apr 2011 01:43:00 +0000 (UTC)
Cc: emacs-devel@gnu.org
To: Ted Zlatanov <tzz@lifelogs.com>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Fri Apr 01 03:42:55 2011
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([199.232.76.165])
	by lo.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1Q5TO2-0004LN-26
	for ged-emacs-devel@m.gmane.org; Fri, 01 Apr 2011 03:42:54 +0200
Original-Received: from localhost ([127.0.0.1]:48690 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43)
	id 1Q5TO1-0000Iu-K4
	for ged-emacs-devel@m.gmane.org; Thu, 31 Mar 2011 21:42:53 -0400
Original-Received: from [140.186.70.92] (port=43878 helo=eggs.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1Q5TNx-0000If-ER
	for emacs-devel@gnu.org; Thu, 31 Mar 2011 21:42:50 -0400
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <stephen@xemacs.org>) id 1Q5TNw-0005ij-KO
	for emacs-devel@gnu.org; Thu, 31 Mar 2011 21:42:49 -0400
Original-Received: from mgmt2.sk.tsukuba.ac.jp ([130.158.97.224]:44478)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <stephen@xemacs.org>) id 1Q5TNw-0005iB-8q
	for emacs-devel@gnu.org; Thu, 31 Mar 2011 21:42:48 -0400
Original-Received: from uwakimon.sk.tsukuba.ac.jp (uwakimon.sk.tsukuba.ac.jp
	[130.158.99.156])
	by mgmt2.sk.tsukuba.ac.jp (Postfix) with ESMTP id BF4FB97064B;
	Fri,  1 Apr 2011 10:25:29 +0900 (JST)
Original-Received: by uwakimon.sk.tsukuba.ac.jp (Postfix, from userid 1000)
	id D70FE1A35C0; Fri,  1 Apr 2011 10:31:01 +0900 (JST)
In-Reply-To: <87ei5n8ffi.fsf@lifelogs.com>
X-Mailer: VM 8.1.93a under 21.5 (beta29) "garbanzo" eac2e6bd5b2c+ XEmacs Lucid
	(x86_64-unknown-linux)
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3)
X-Received-From: 130.158.97.224
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:137965
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/137965>

Ted Zlatanov writes:

 > IMHO this should be done by Emacs; the core should provide a way to tag
 > strings as "secret" so they are wiped on deallocation.

I don't see why this is better than the method already used, since you
would have to use a different call to make such strings.  In the end
it's up to the application to manage these secrets.

 > I think this property should propagate when the string is copied.

But what about the storage the string is copied from?  Really, keeping
secrets is up to the application.  I think this is overkill, and won't
really help naive users keep their secrets.