From mboxrd@z Thu Jan 1 00:00:00 1970 From: Bastien Subject: Re: org-crypt.el security problem (From: Milan Zamazal) Date: Sun, 06 Mar 2011 11:01:41 +0100 Message-ID: <874o7glg8q.fsf@gnu.org> References: <87bp1quc7q.fsf@keller.adm.naquadah.org> Mime-Version: 1.0 Content-Type: text/plain Return-path: Received: from [140.186.70.92] (port=32779 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1PwAml-0002n0-PV for emacs-orgmode@gnu.org; Sun, 06 Mar 2011 05:02:00 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1PwAmk-0005En-JH for emacs-orgmode@gnu.org; Sun, 06 Mar 2011 05:01:59 -0500 Received: from mail-ww0-f49.google.com ([74.125.82.49]:53464) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1PwAmk-0005Eh-9c for emacs-orgmode@gnu.org; Sun, 06 Mar 2011 05:01:58 -0500 Received: by wwj40 with SMTP id 40so3526692wwj.30 for ; Sun, 06 Mar 2011 02:01:57 -0800 (PST) In-Reply-To: <87bp1quc7q.fsf@keller.adm.naquadah.org> (Julien Danjou's message of "Fri, 04 Mar 2011 16:39:21 +0100") List-Id: "General discussions about Org-mode." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: emacs-orgmode-bounces+geo-emacs-orgmode=m.gmane.org@gnu.org Errors-To: emacs-orgmode-bounces+geo-emacs-orgmode=m.gmane.org@gnu.org To: Julien Danjou Cc: emacs-orgmode@gnu.org Hi Julien, Julien Danjou writes: > On Fri, Mar 04 2011, Peter Jones wrote: > >> Hopefully there's an autosave hook where you can encrypt the headings >> and save to disk using a temporary buffer without having to alter the >> current buffer and interrupt the user by encrypting a heading that is >> being edited. > > I've recently added caching of encrypted text, so that org-crypt will > not recrypt the text once again if it has not been modified, but reuse > the previous crypting value. I've seen org-encrypt-string but I don't see we could use it for the problem at hand. Also, the purpose is to encrypt the auto-saved buffer and *not* the visited buffer -- which I don't know how to do. > That could be used to automagically re-encrypt all text before > auto-saving. Please let us know if you can think of a better fix than the warning! Thanks, -- Bastien