From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: "Stephen J. Turnbull" Newsgroups: gmane.emacs.devel Subject: Re: secret strings Date: Fri, 01 Apr 2011 23:38:20 +0900 Message-ID: <87r59mm3z7.fsf@uwakimon.sk.tsukuba.ac.jp> References: <4D926EA9.5080509@gmail.com> <4D92AD2B.40502@gmail.com> <87lizwd9lt.fsf_-_@lifelogs.com> <87ei5n8ffi.fsf@lifelogs.com> <87hbaivju2.fsf@uwakimon.sk.tsukuba.ac.jp> <87ei5moa61.fsf_-_@lifelogs.com> <87hbaia58a.fsf@uwakimon.sk.tsukuba.ac.jp> <87aagansj0.fsf@lifelogs.com> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: dough.gmane.org 1301668981 21256 80.91.229.12 (1 Apr 2011 14:43:01 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Fri, 1 Apr 2011 14:43:01 +0000 (UTC) Cc: emacs-devel@gnu.org To: Ted Zlatanov Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Fri Apr 01 16:42:57 2011 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([199.232.76.165]) by lo.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1Q5fYu-0000yj-Q6 for ged-emacs-devel@m.gmane.org; Fri, 01 Apr 2011 16:42:56 +0200 Original-Received: from localhost ([127.0.0.1]:35577 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Q5fYt-00081V-TS for ged-emacs-devel@m.gmane.org; Fri, 01 Apr 2011 10:42:56 -0400 Original-Received: from [140.186.70.92] (port=44547 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Q5fPW-00043n-BQ for emacs-devel@gnu.org; Fri, 01 Apr 2011 10:33:15 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q5fPV-0005ft-2C for emacs-devel@gnu.org; Fri, 01 Apr 2011 10:33:14 -0400 Original-Received: from mgmt2.sk.tsukuba.ac.jp ([130.158.97.224]:38306) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q5fPU-0005el-R2 for emacs-devel@gnu.org; Fri, 01 Apr 2011 10:33:13 -0400 Original-Received: from uwakimon.sk.tsukuba.ac.jp (uwakimon.sk.tsukuba.ac.jp [130.158.99.156]) by mgmt2.sk.tsukuba.ac.jp (Postfix) with ESMTP id 2399D9701C3; Fri, 1 Apr 2011 23:33:08 +0900 (JST) Original-Received: by uwakimon.sk.tsukuba.ac.jp (Postfix, from userid 1000) id 8C1D71A3A82; Fri, 1 Apr 2011 23:38:20 +0900 (JST) In-Reply-To: <87aagansj0.fsf@lifelogs.com> X-Mailer: VM 8.1.93a under 21.5 (beta29) "garbanzo" eac2e6bd5b2c+ XEmacs Lucid (x86_64-unknown-linux) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3) X-Received-From: 130.158.97.224 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:137996 Archived-At: Ted Zlatanov writes: > I'm not proposing a security model; the user protection is only > that there's a smaller chance an attacker would see the secret > strings in a memory image of the Emacs process. My point is, if you have no security model, why bother? It is very unlikely that an attack on Emacs memory would reveal "secret strings". If somebody cares about that small chance, they're either kidding themselves, or they have a security model that will tell them to *ignore* the autowiping GC, and wipe themselves. Cleanliness-is-next-to-***liness-ly y'rs,