From: "Daiki Ueno" <ueno@unixuser.org>
To: "Sascha Wilde" <wilde@sha-bang.de>
Cc: Dan Nicolaescu <dann@ics.uci.edu>,
mwolson@gnu.org, rms@gnu.org, monnier@iro.umontreal.ca,
emacs-devel@gnu.org
Subject: Re: patch to include EasyPG to Emacs
Date: Sat, 16 Feb 2008 02:05:35 +0900 [thread overview]
Message-ID: <54a15d860802150905k42b65a03h7bd134924354881@mail.gmail.com> (raw)
In-Reply-To: <m27ih6ednd.fsf@kenny.sha-bang.de>
2008/2/15, Sascha Wilde <wilde@sha-bang.de>:
> There is still the problem, that one can't prevent Emacs from swapping
> out the content of such an buffer -- but that's a more generic problem
> (which was discussed briefly in an earlier thread IIRC).
Of course. However, I think that it is a reasonable trade-off between
security and usability. If it is a real problem, every program
(outside Emacs) which interacts with GnuPG has the same problem unless
it does mprotect(2) decrypted content by themselves, which requires
root privilege at all times.
IMHO, there is the order of priority of credentials. That is:
public key encryption passphrases > symmetric encryption passphrases >
decrypted contents
I think the first two should always be protected, but for the last
one, the way of protection is application dependent.
Regards,
--
Daiki Ueno
next prev parent reply other threads:[~2008-02-15 17:05 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-02-07 4:58 patch to include EasyPG to Emacs Daiki Ueno
2008-02-07 5:13 ` Dan Nicolaescu
2008-02-07 9:28 ` Daiki Ueno
2008-02-07 16:24 ` Leo
2008-02-08 4:42 ` Daiki Ueno
2008-02-08 7:15 ` Dan Nicolaescu
2008-02-08 4:14 ` Richard Stallman
2008-02-08 7:03 ` Michael Olson
2008-02-10 7:04 ` Daiki Ueno
2008-02-10 15:44 ` Stefan Monnier
2008-02-10 19:15 ` Daiki Ueno
2008-02-10 19:30 ` Daiki Ueno
2008-02-10 20:58 ` Michael Olson
2008-02-10 21:29 ` Daiki Ueno
2008-02-11 0:03 ` Michael Olson
2008-02-10 19:46 ` Stefan Monnier
2008-02-10 22:36 ` Dan Nicolaescu
2008-02-10 23:34 ` Daiki Ueno
2008-02-11 6:30 ` Daiki Ueno
2008-02-12 1:24 ` Michael Olson
2008-02-12 3:48 ` Dan Nicolaescu
2008-02-12 6:04 ` Daiki Ueno
2008-02-12 17:45 ` Richard Stallman
2008-02-13 17:28 ` Dan Nicolaescu
2008-02-14 4:43 ` Richard Stallman
2008-02-14 11:26 ` Daiki Ueno
2008-02-14 15:37 ` Sascha Wilde
2008-02-14 18:43 ` Daiki Ueno
2008-02-15 10:07 ` Sascha Wilde
2008-02-15 17:05 ` Daiki Ueno [this message]
2008-02-15 18:34 ` Sascha Wilde
2008-02-16 5:53 ` Richard Stallman
2008-02-16 10:25 ` Jan Djärv
2008-02-16 11:16 ` Andreas Schwab
2008-02-16 23:00 ` Jeremy Maitin-Shepard
2008-02-17 20:29 ` Richard Stallman
2008-02-17 13:23 ` Richard Stallman
2008-02-18 6:58 ` Jan Djärv
2008-02-18 7:11 ` Miles Bader
2008-02-15 0:02 ` Richard Stallman
2008-02-15 2:20 ` Daiki Ueno
2008-02-18 8:55 ` auto-encryption-mode, etc. (Re: " Daiki Ueno
2008-02-18 17:30 ` Richard Stallman
2008-02-18 19:51 ` Dan Nicolaescu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=54a15d860802150905k42b65a03h7bd134924354881@mail.gmail.com \
--to=ueno@unixuser.org \
--cc=dann@ics.uci.edu \
--cc=emacs-devel@gnu.org \
--cc=monnier@iro.umontreal.ca \
--cc=mwolson@gnu.org \
--cc=rms@gnu.org \
--cc=wilde@sha-bang.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.