From: "Roland Winkler" <winkler@gnu.org>
To: Lars Ingebrigtsen <larsi@gnus.org>
Cc: 9113@debbugs.gnu.org, Ted Zlatanov <tzz@lifelogs.com>
Subject: bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg
Date: Sat, 28 Jan 2012 13:32:08 -0600 [thread overview]
Message-ID: <20260.19768.553254.135471@gargle.gargle.HOWL> (raw)
In-Reply-To: <877h0bveaq.fsf@gnus.org>
On Sat Jan 28 2012 Lars Ingebrigtsen wrote:
> "Roland Winkler" <winkler@gnu.org> writes:
>
> > It is highly recommended to store the file .authinfo as an
> > encrypted file as .authinfo.gpg, though in some cases such a
> > solution can be inconvenient or otherwise problematic.
>
> I would say "it's highly discouraged", because putting your
> passwords into the .authinfo.gpg file will render your Emacs
> virtually unusable for reading mail/news/etc. (By default.)
>
> I mean, unless you think typing in a password three gazillion
> times is OK.
But then it appears to me that elsewhere there is a problem:
Why is it necessary that Emacs reads this file three gazillion
times? I would assume: reading the encrypted file once and holding
the content in memory cannot be more unsecure than storing the
sensitive information in an unencrypted file.
With an unencrypted file, the passwords are definitely lost /
exposed if my laptop is lost or stolen. With an encrypted file, a
thief needs to access the memory of a running (or dumped) emacs
process, which appears less likely to me.
In any case, how are ssh-agent and gpg-agent handling passphrases
that are given to them?
What am I missing here?
Roland
next prev parent reply other threads:[~2012-01-28 19:32 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-07-18 3:08 bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg Roland Winkler
2012-01-25 20:18 ` Ted Zlatanov
2012-01-26 2:02 ` Stefan Monnier
2012-01-26 15:32 ` Ted Zlatanov
2012-01-26 17:28 ` Stefan Monnier
2012-01-26 17:52 ` Lars Ingebrigtsen
2012-01-26 17:53 ` Achim Gratz
2012-01-26 20:01 ` bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, " Ted Zlatanov
2012-01-26 21:41 ` Stefan Monnier
2012-01-30 16:36 ` Lars Ingebrigtsen
2012-01-30 22:18 ` Stefan Monnier
2012-01-30 22:21 ` Lars Ingebrigtsen
2012-01-31 9:00 ` Michael Albinus
2012-01-31 17:51 ` Stefan Monnier
2012-02-13 17:35 ` Ted Zlatanov
2012-02-13 18:35 ` Michael Albinus
2012-01-27 1:47 ` bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, " Daiki Ueno
2012-01-27 16:23 ` Ted Zlatanov
2012-01-29 9:50 ` Daiki Ueno
2012-01-30 16:33 ` bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, " Lars Ingebrigtsen
2012-01-31 6:55 ` Chong Yidong
2012-01-31 11:57 ` Lars Ingebrigtsen
2012-02-03 17:14 ` Kevin Rodgers
2012-01-31 11:11 ` Ted Zlatanov
2012-01-31 11:37 ` Michael Albinus
2012-02-13 17:38 ` Ted Zlatanov
2012-01-28 8:47 ` Roland Winkler
2012-01-28 19:05 ` Lars Ingebrigtsen
2012-01-28 19:32 ` Roland Winkler [this message]
2012-01-30 16:18 ` Lars Ingebrigtsen
2012-01-30 18:49 ` Roland Winkler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260.19768.553254.135471@gargle.gargle.HOWL \
--to=winkler@gnu.org \
--cc=9113@debbugs.gnu.org \
--cc=larsi@gnus.org \
--cc=tzz@lifelogs.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.