unofficial mirror of emacs-devel@gnu.org 
From: Tim Cross <theophilusx@gmail.com>
To: emacs-devel@gnu.org
Subject: Re: auth-source change default spec
Date: Thu, 3 May 2012 14:09:25 +1000
Message-ID: <CAC=50j-GL5RFLLUnJo7vW+Zqj92ZhiBj-a8rK7rv2+8ZbFCmJw@mail.gmail.com>
In-Reply-To: <87sjfibwhj.fsf@lifelogs.com>

On 2 May 2012 22:25, Ted Zlatanov <tzz@lifelogs.com> wrote:
> On Wed, 2 May 2012 07:41:19 +1000 Tim Cross <theophilusx@gmail.com> wrote:
>
> TC> It seems that if the user has both an .authinfo and an .authinfo.gpg
> TC> file, auth-sources is not searching both files. Note that the
> TC> .authinfo file only contains the entries that were just added and that
> TC> the previous entries are still only in the .authinfo.gpg file. Note
> TC> also that the entries are all for different resources. The evidence is
> TC> that auth-source-search is NOT searching all identified files, only
> TC> the first one i.e. authinfo not authinfo.gpg even if it does not find
> TC> a match for the requested resource in .authinfo. From what you write,
> TC> I get the impression that this is not the expected behaviour - the
> TC> search is supposed to search all available files until (in the case of
> TC> :max 1) at least one match is found. This does not seem to be the
> TC> case.
>
> This is either a bug or a misconfiguration; I just tested it and the
> search went to the second file for me.  Please open a bug, set
> `auth-source-debug' to 'trivia, and attach the value of `auth-sources'
> and the content of *Messages* to show the log output when the bug
> occurs.  If you can attach the edited .authinfo* files, even better.
>

OK, will update emacs and log a bug report with recipe if I am still
able to reproduce the issue.

> TC> If I have a .authinfo.gpg file and auth-sources knows I have the
> TC> file (it has already prompted for the passphrase in the initial
> TC> search) and has failed to find the resource and has prompted for the
> TC> values and then prompts to save those values, I think it should save
> TC> them (or at least offer to save them) to the most secure version it
> TC> knows about i.e. .authinfo.gpg. With the existing setup, it is very
> TC> easy for the user to be under a false sense of security - they have
> TC> set up an .authinfo.gpg file, obviously have the necessary supporting
> TC> programs etc and I think they should expect that a program which
> TC> offers to save new credentials will use the more secure method when
> TC> it already knows the gpg file exists.
>
> There are 4 typical backends (plist-store, Secrets API, and netrc files
> which can be .gpg or not), and the place where the file is stored may be
> a factor too (e.g. a .gpg file on a NFS server may be considered worse
> than unencrypted locally).  So we don't know what the user considers secure.
>
> I'd rather change the "add entry" prompt to offer a choice of places to
> save the new entry, so the user can choose.  This is a rare event so it
> makes sense to bring up a menu.  I really don't think the auth-source
> library should decide what's most secure!
>
> What's a good multiple-choice menu library in Emacs?  Or do I roll my
> own?  I can't solve it with a one-line prompt so it has to be fairly
> intelligent yet work in a TTY.  I need it to be built-in, not external.
>
> The choices would be:
>
> Save to:
>
> (show contents of `auth-sources' here with an explanation)
>
> (1) [first `auth-sources' entry]
> (2) [second `auth-sources' entry]
> ...
>
> (e) Customize `auth-sources'
>
> (c) Cancel
>
> TC> The problem with expecting users being required to edit the
> TC> auth-sources file is that they may encounter the auth-sources
> TC> library as a side effect of running some other program.
>
> ...
>
> TC> The user is not required to configure anything in order to enable
> TC> auth-sources. I think this creates a slight inconsistency. To obtain
> TC> secure behaviour, the user must edit a value they may not even know
> TC> about for a library they have made no conscious decision to
> TC> use.
>
> You are right, but making the user configure `auth-sources' the first
> time it's used would really annoy many Emacs users.  I'd rather make it
> work OK by default, prompt for the save place as you suggested above,
> and rely on the user to be curious and customize their environment.
>
> So if I get the menu question addressed, I'll add that menu.
>
> Ted
>

I agree. The ability for the user to specify/choose where the entry is
saved would be an adequate solution and provides a reasonable outcome
for the majority of users regardless of their level of concern or
configuration sophistication re: security and auth-sources.
Unfortunately, I can't recommend the best approach for menu
generation/handling.

Thanks for being receptive to my comments/suggestions and the effort put in.

Tim



-- 
Tim Cross
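
An added example, not part of the original message and not code from auth-source.el: a small audit of `auth-sources' that reports which file-backed entries are plaintext, encrypted or missing, and which plaintext files already hold a password token, which is the situation described in the thread. The `my/` function names are hypothetical, and the "password" match is a heuristic for netrc-style files.

```elisp
;; Added example; the my/ helpers are hypothetical, not part of Emacs.
(require 'auth-source)
(require 'cl-lib)

(defun my/auth-source--file (entry)
  "Return the expanded file name ENTRY of `auth-sources' refers to, or nil."
  (let ((src (cond ((stringp entry) entry)
                   ((and (listp entry) (stringp (plist-get entry :source)))
                    (plist-get entry :source)))))
    ;; Strings such as "secrets:Login" name a Secrets API collection,
    ;; and symbol entries name other backends; neither is a file.
    (and src
         (not (string-prefix-p "secrets:" src))
         (expand-file-name src))))

(defun my/auth-source-audit (&optional sources)
  "Return (FILE . STATUS) for each file-backed entry in SOURCES.
SOURCES defaults to `auth-sources'.  STATUS is one of the symbols
`encrypted', `plaintext' or `missing'."
  (delq nil
        (mapcar (lambda (entry)
                  (let ((file (my/auth-source--file entry)))
                    (when file
                      (cons file
                            (cond ((not (file-exists-p file)) 'missing)
                                  ((string-suffix-p ".gpg" file) 'encrypted)
                                  (t 'plaintext))))))
                (or sources auth-sources))))

(defun my/auth-source-plaintext-with-passwords (&optional sources)
  "Return existing plaintext files in SOURCES containing a password token."
  (cl-loop for (file . status) in (my/auth-source-audit sources)
           when (and (eq status 'plaintext)
                     (with-temp-buffer
                       (insert-file-contents file)
                       (re-search-forward "\\bpassword\\b" nil t)))
           collect file))

;; Constructed sample list mixing plaintext and encrypted netrc files:
;;   (my/auth-source-audit '("~/.authinfo" "~/.authinfo.gpg" "~/.netrc"))
;; Once any flagged entries have been moved into the encrypted file, list
;; only that file so there is no plaintext file for a new entry to land in:
;;   (setq auth-sources '("~/.authinfo.gpg"))
;; Logging requested in the thread for the bug report:
;;   (setq auth-source-debug 'trivia)
```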