From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail
From: Adam Porter <adam@alphapapa.net>
Newsgroups: gmane.emacs.devel
Subject: Re: Storing sensitive data indefinitely in variables or buffers:
 Whether and how to fix?
Date: Sun, 4 Jun 2023 18:47:07 -0500
Message-ID: <fa858dba-6b08-7824-4b56-6135e4010c4f@alphapapa.net>
References: <d6182b7a-d06f-9f3a-719c-7fd3c0bdd435@vodafonemail.de>
 <5b541bf1-1d13-ac8e-a91c-e1b238cc6f84@alphapapa.net> <83v8g6bcls.fsf@gnu.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214";
	logging-data="10220"; mail-complaints-to="usenet@ciao.gmane.io"
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
 Thunderbird/102.11.0
Cc: jschmidt4gnu@vodafonemail.de, emacs-devel@gnu.org, yantar92@posteo.net
To: Eli Zaretskii <eliz@gnu.org>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Mon Jun 05 01:48:19 2023
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane-mx.org
Original-Received: from lists.gnu.org ([209.51.188.17])
	by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.92)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>)
	id 1q5xSM-0002QW-80
	for ged-emacs-devel@m.gmane-mx.org; Mon, 05 Jun 2023 01:48:18 +0200
Original-Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <emacs-devel-bounces@gnu.org>)
	id 1q5xRK-0006pc-9P; Sun, 04 Jun 2023 19:47:14 -0400
Original-Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <adam@alphapapa.net>)
 id 1q5xRJ-0006pO-EA
 for emacs-devel@gnu.org; Sun, 04 Jun 2023 19:47:13 -0400
Original-Received: from cyan.elm.relay.mailchannels.net ([23.83.212.47])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <adam@alphapapa.net>)
 id 1q5xRH-0000pd-Kb; Sun, 04 Jun 2023 19:47:13 -0400
X-Sender-Id: dreamhost|x-authsender|adam@alphapapa.net
Original-Received: from relay.mailchannels.net (localhost [127.0.0.1])
 by relay.mailchannels.net (Postfix) with ESMTP id 6BECF3C187F;
 Sun,  4 Jun 2023 23:47:06 +0000 (UTC)
Original-Received: from pdx1-sub0-mail-a236.dreamhost.com (unknown [127.0.0.6])
 (Authenticated sender: dreamhost)
 by relay.mailchannels.net (Postfix) with ESMTPA id 00E203C18F3;
 Sun,  4 Jun 2023 23:47:05 +0000 (UTC)
ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1685922426; a=rsa-sha256;
 cv=none;
 b=8I8qaxabq2siiWBAaFBbQ55MezN/Levc3He/6TR5bmQKzlnaFVCvFslvDZfIBfupREtyoJ
 QLRgT+5d1OYrKh8GYvyMq18jwdp2NBMb2eZaRLqlgko2kxecYXS7jppQSwzTiadeaVkvH3
 gMS0s5NuJmhWBuj1bQUdFf0Di9Uq0muq2TBZt83PlwhPMdE0IXnByYm+QORjKdbg42WExl
 eL71Nq1H+YAjb/jLBIem0/UIIM/WAmgMxW9ecf9H9lk3GuqE/BoOqfbJ8KWGawoQq4xAIR
 ZTHDL3JqG9flhqDC9uHKTLvZiOwf5CC/EMxa+OqW5EjQ4IiPXvKbhZUUnjgPNw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;
 d=mailchannels.net; s=arc-2022; t=1685922426;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references:dkim-signature;
 bh=wDgJHw2Wyk+9HHQl+c/cNZkl/Zgp8G4Q1DEaQfRcZF0=;
 b=CcIdvKXWoTeoPWyqXz1DHi/lYYH0ny5gauM0FntAGr+imMi8daYE+IyYuo5+iwe3UttJ0M
 hOnu7i45NkHVuBNKfYBjA6MdGylfmj0ZTS3YtF2TRG0QYcC4VmpT0uBsFR2d7ZndhQQ7yA
 aPiIG0jwf5IhdYH0qTeOIL8ij/JQt2wQxl9ZmDn1ucdHMEEbZSm2VsL0AeyaX2rybnzrjy
 EaCnLgwpzm0da7YmhpDY8KoZn/3i3+Ttay72HvBI5pK644j4tRxV4Cbx8bGzow9YoJxyF/
 FAOPbCWYWHE32pwFKlu/czU3Il5uDICIkNms8B4vIS0L3OZFpeMehEvQ7g0x8g==
ARC-Authentication-Results: i=1; rspamd-5f966895c-nmz7b;
 auth=pass smtp.auth=dreamhost smtp.mailfrom=adam@alphapapa.net
X-Sender-Id: dreamhost|x-authsender|adam@alphapapa.net
X-MC-Relay: Neutral
X-MailChannels-SenderId: dreamhost|x-authsender|adam@alphapapa.net
X-MailChannels-Auth-Id: dreamhost
X-Cold-Robust: 075db67a5508d8e4_1685922426268_1772583163
X-MC-Loop-Signature: 1685922426268:2530323271
X-MC-Ingress-Time: 1685922426268
Original-Received: from pdx1-sub0-mail-a236.dreamhost.com (pop.dreamhost.com
 [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384)
 by 100.123.193.162 (trex/6.8.1); Sun, 04 Jun 2023 23:47:06 +0000
Original-Received: from [10.60.1.158] (unknown [193.56.117.222])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 (Authenticated sender: adam@alphapapa.net)
 by pdx1-sub0-mail-a236.dreamhost.com (Postfix) with ESMTPSA id 4QZD152KMxz31; 
 Sun,  4 Jun 2023 16:47:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alphapapa.net;
 s=dreamhost; t=1685922425;
 bh=wDgJHw2Wyk+9HHQl+c/cNZkl/Zgp8G4Q1DEaQfRcZF0=;
 h=Date:Subject:To:Cc:From:Content-Type:Content-Transfer-Encoding;
 b=HIVtGevFRUQCeKBKmeYxecw5J3OhZWJyyfg2d2f38erDzBn5xvNPxiHVBjxaYTjOY
 5D7zWUjRy5ApSEiCRdI1OdIhLv8/H4iEvVHO2hWD7ndK6giTbZob2G9MWzax7xTFRC
 gqmRSVvdQTZSC4IQHL3V6nK9h2LD1kvMwQro0smT+TzS+N8N1qAyexPfWsTeiCJ8ub
 Zwqli6MAy2QP8JEBWHPQvyDt3nPueJCx24KBXoeNf0Wzlsfo5821qV9OfXRr5jec1U
 FB36fvPnyI/Z5Ty0YwxLyIoYHk7x8w4dFTnhxzJjp4gIG9KZFHCkypJLOs3YvYSQyh
 9u5yWGWn/HkIg==
Content-Language: en-US
In-Reply-To: <83v8g6bcls.fsf@gnu.org>
Received-SPF: neutral client-ip=23.83.212.47; envelope-from=adam@alphapapa.net;
 helo=cyan.elm.relay.mailchannels.net
X-Spam_score_int: -23
X-Spam_score: -2.4
X-Spam_bar: --
X-Spam_report: (-2.4 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.091,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H5=-1, RCVD_IN_MSPIKE_WL=-0.01,
 SPF_HELO_NONE=0.001, SPF_NEUTRAL=0.779,
 T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
 <mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
 <mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org
Xref: news.gmane.io gmane.emacs.devel:306628
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/306628>

On 6/2/23 01:30, Eli Zaretskii wrote:
>> Date: Thu, 1 Jun 2023 15:47:39 -0500
>> Cc: adam@alphapapa.net, emacs-devel@gnu.org, yantar92@posteo.net
>> From: Adam Porter <adam@alphapapa.net>
>>
>> plstore looks like an interesting library, but even that looks like more
>> than the simple solution I'm wishing for.  I'm not sure that, as an
>> application author, I should need to care about which keys in a record
>> are encrypted or not.  I just want to do something simple and Lispy, like:
>>
>>     (alist-get "@alphapapa:matrix.org" (secure-storage 'ement-sessions))
>>
>> To get my Matrix session's data.  Or:
>>
>>     (map-nested-elt (secure-storage 'ement-sessions)
>> '("@alphapapa:matrix.org" token))
>>
>> to get that session's token.  And then:
>>
>>     (setf (map-nested-elt (secure-storage 'ement-sessions)
>> '("@alphapapa:matrix.org" token)) "foobarbaz")
>>
>> to write the data to the secure storage.  And then the secure-storage
>> library should automatically handle the encryption/decryption,
>> filesystem location, backend format, prompting the user for a key and/or
>> caching it appropriately, etc.
>>
>> I think this is the simplest kind of API that could be useful to
>> applications--and it would be really useful.
> 
> I see no problems implementing such a simple API on top of plstore.el.
> But I don't really understand why you would care to use alist-get
> instead of, say, plstore-get.  Why does it matter whether the storage
> is presented as an alist or as an opaque storage with accessor and
> setter?

I don't mean that it should be an alist specifically.  I mean that I'd 
just like to get/put a Lisp object, which I could then use with standard 
Lisp functions like alist-get, plist-get, gethash, as well as map-elt, 
and setf wrappers for setting, etc.