From: Adam Porter
Newsgroups: gmane.emacs.devel
Subject: Re: Storing sensitive data indefinitely in variables or buffers: Whether and how to fix?
Date: Wed, 31 May 2023 11:39:31 -0500
Message-ID: <6503151d-13be-f299-24a2-76bb9d6fecc8@alphapapa.net>
References: <87fs7dnd1u.fsf@localhost>
In-Reply-To: <87fs7dnd1u.fsf@localhost>
To: yantar92@posteo.net
Cc: emacs-devel@gnu.org, jschmidt4gnu@vodafonemail.de
Xref: news.gmane.io gmane.emacs.devel:306454

I've recently been thinking about similar issues. In Ement.el, it's necessary to store a session token, which is used upon next connection to prevent having to log in with a password again (the Matrix protocol does not intend for users to re-enter their password on each connection). For now, the token is stored in a plain-text file with permissions set securely, but obviously it would be good for the token to be encrypted at rest.

I once attempted to use the auth-source library to store it, but due to numerous problems[0], I gave up on that idea. Since then we've gained the `persist' and `multisession' libraries, which seem like good tools, but neither one offers secure storage.

I think Emacs needs a new library to store Lisp data securely. Ideally the API would simply return a Lisp object which could be used with common functions like alist-get, gethash, etc. to read data. For writing, perhaps some kind of simple macro or function wrapper that would store the data securely, as-configured, without the application needing to know the details.

Even more ideally, such a feature would be part of `persist' and/or `multisession', or at least be built on top of them, to avoid having yet-another data-persistence library.

(I also hope we can figure out the situation with regard to having both `persist' and `multisession' now; I asked[1] last month, but the discussion didn't proceed very far.)

Does anyone else have thoughts about this?

Thanks,
Adam

0: https://old.reddit.com/r/emacs/comments/8lvda6/is_authsource_from_the_dark_side/
1: https://lists.gnu.org/archive/html/emacs-devel/2023-04/msg00269.html
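The sketch below is an added illustration of the kind of API the post asks for (read returns a plain Lisp object, write takes one and handles the at-rest protection itself); it is not code from Ement.el, from Emacs, or from the post's author. It leans on Emacs's bundled `epa-file` handler, which transparently runs GnuPG on any file whose name ends in `.gpg`, so the only assumptions are that `gpg` is installed and that the file name, the `my-secure-store-*` names and the recipient list are placeholders chosen here.

```elisp
;;; secure-store-sketch.el --- added example, not part of Emacs or Ement.el -*- lexical-binding: t -*-

;; Assumption: GnuPG is installed.  `epa-file-enable' registers a file-name
;; handler so `insert-file-contents' decrypts and `write-region' encrypts
;; any file ending in ".gpg" (both functions ship with Emacs).
(require 'epa-file)
(epa-file-enable)

;; Hypothetical location for the encrypted store (placeholder name).
(defvar my-secure-store-file
  (expand-file-name "secure-store.gpg" user-emacs-directory)
  "File holding the persisted Lisp data, GPG-encrypted at rest.")

;; nil => symmetric encryption (passphrase via gpg-agent);
;; a list of key IDs => public-key encryption to those recipients.
(defvar my-secure-store-recipients nil
  "Value bound to `epa-file-encrypt-to' while writing the store.")

(defun my-secure-store-read ()
  "Return the alist persisted in `my-secure-store-file', or nil if absent.
The result is an ordinary Lisp object, so callers use `alist-get' etc."
  (when (file-exists-p my-secure-store-file)
    (with-temp-buffer
      (let ((coding-system-for-read 'utf-8))
        ;; Decryption happens inside the epa-file handler.
        (insert-file-contents my-secure-store-file))
      (goto-char (point-min))
      (read (current-buffer)))))

(defun my-secure-store-write (data)
  "Persist DATA (any `read'-able Lisp object) to the encrypted store.
Returns DATA."
  (let ((epa-file-encrypt-to my-secure-store-recipients)
        ;; 'silent: never pop up the key-selection UI; nil recipients
        ;; then means symmetric encryption.
        (epa-file-select-keys 'silent)
        (coding-system-for-write 'utf-8)
        ;; Make sure `prin1' never truncates nested data with "...".
        (print-length nil)
        (print-level nil))
    ;; Create the ciphertext file 0600 from the start rather than
    ;; chmod-ing afterwards, so there is no world-readable window.
    (with-file-modes #o600
      (with-temp-file my-secure-store-file
        (insert (prin1-to-string data))))
    data))

(defun my-secure-store-put (key value)
  "Store VALUE under KEY (compared with `equal'), rewriting the store."
  (let ((store (my-secure-store-read)))
    (setf (alist-get key store nil nil #'equal) value)
    (my-secure-store-write store)
    value))

(defun my-secure-store-get (key)
  "Return the value stored under KEY, or nil if there is none."
  (alist-get key (my-secure-store-read) nil nil #'equal))

;; Usage; the token string is a constructed placeholder, not a real token:
;; (my-secure-store-put "matrix-session-token" "PLACEHOLDER-TOKEN")
;; (my-secure-store-get "matrix-session-token")  ; => "PLACEHOLDER-TOKEN"
```

Two caveats worth keeping in view. First, this only addresses the at-rest problem the post raises: once `my-secure-store-read` returns, the decrypted token is an ordinary string in the Lisp heap, which is exactly the in-memory exposure the thread's subject line is about, so callers should avoid copying it into long-lived variables or buffers. Second, `with-file-modes` only governs how the file is created; if the store already exists with looser permissions, its mode is not tightened, so a one-off `set-file-modes` check on first load is a sensible addition.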