From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Ted Zlatanov <tzz@lifelogs.com>
Newsgroups: gmane.emacs.devel
Subject: Re: NaCl support for Emacs
Date: Tue, 10 Jan 2012 08:49:29 -0500
Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos
Message-ID: <877h0zfz12.fsf@lifelogs.com>
References: <CAJU7zaKH0NTE7ko6u24gXy9WupsNw+CAvhMdVudzxpXvsY2vig@mail.gmail.com>
	<CAAeL0SQS8e1zwsj_UUzkbazBHt534e8WVCJ4Row__R4uRn8wXg@mail.gmail.com>
	<87boqh20ha.fsf@lifelogs.com>
	<CAAeL0SSO7JA3QRYYWg6uOUkWsk87BoyZd9JQd4RLjD9yprq=YQ@mail.gmail.com>
	<ke7h15zou5.fsf@news.eternal-september.org>
	<871urc46c9.fsf@uwakimon.sk.tsukuba.ac.jp>
	<739bsoysp.fsf@news.eternal-september.org>
	<87ty47r5yt.fsf@lifelogs.com>
	<ysipknpnvp.fsf@news.eternal-september.org>
	<CAAeL0SQYNv5PFuddFeDUAYZi4Lofg9JwJ8kaMdmKNWUspWp4tA@mail.gmail.com>
	<87k452p5u3.fsf@lifelogs.com> <87liphne9e.fsf_-_@lifelogs.com>
	<jwv62gkew1l.fsf-monnier+emacs@gnu.org> <87fwfon7gl.fsf@lifelogs.com>
	<jwvehv8pldr.fsf-monnier+emacs@gnu.org> <87hb04icxl.fsf@lifelogs.com>
	<jwvipkkcpon.fsf-monnier+emacs@gnu.org> <87pqesgwnj.fsf@lifelogs.com>
	<jwvd3asb615.fsf-monnier+emacs@gnu.org> <87pqerg4df.fsf@lifelogs.com>
	<CACY+Hvqwgp7dvZK0vZ_E7-=q19AsDWtQJE0=D3vbR=NDjkiBVg@mail.gmail.com>
Reply-To: emacs-devel@gnu.org
NNTP-Posting-Host: lo.gmane.org
Mime-Version: 1.0
Content-Type: text/plain
X-Trace: dough.gmane.org 1326203400 21287 80.91.229.12 (10 Jan 2012 13:50:00 GMT)
X-Complaints-To: usenet@dough.gmane.org
NNTP-Posting-Date: Tue, 10 Jan 2012 13:50:00 +0000 (UTC)
To: emacs-devel@gnu.org
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Tue Jan 10 14:49:56 2012
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([140.186.70.17])
	by lo.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1Rkc5M-0001Ud-Fo
	for ged-emacs-devel@m.gmane.org; Tue, 10 Jan 2012 14:49:56 +0100
Original-Received: from localhost ([::1]:39291 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1Rkc5M-0004HD-1E
	for ged-emacs-devel@m.gmane.org; Tue, 10 Jan 2012 08:49:56 -0500
Original-Received: from eggs.gnu.org ([140.186.70.92]:60964)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1Rkc5I-0004H2-Up
	for emacs-devel@gnu.org; Tue, 10 Jan 2012 08:49:54 -0500
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1Rkc59-0006wi-I7
	for emacs-devel@gnu.org; Tue, 10 Jan 2012 08:49:52 -0500
Original-Received: from lo.gmane.org ([80.91.229.12]:36886)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1Rkc59-0006wc-5R
	for emacs-devel@gnu.org; Tue, 10 Jan 2012 08:49:43 -0500
Original-Received: from list by lo.gmane.org with local (Exim 4.69)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1Rkc57-0001NC-SY
	for emacs-devel@gnu.org; Tue, 10 Jan 2012 14:49:41 +0100
Original-Received: from c-76-28-40-19.hsd1.vt.comcast.net ([76.28.40.19])
	by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Tue, 10 Jan 2012 14:49:41 +0100
Original-Received: from tzz by c-76-28-40-19.hsd1.vt.comcast.net with local (Gmexim 0.1
	(Debian)) id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Tue, 10 Jan 2012 14:49:41 +0100
X-Injected-Via-Gmane: http://gmane.org/
Mail-Followup-To: emacs-devel@gnu.org
Original-Lines: 39
Original-X-Complaints-To: usenet@dough.gmane.org
X-Gmane-NNTP-Posting-Host: c-76-28-40-19.hsd1.vt.comcast.net
X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6;
	d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT=
	D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx"
Mail-Copies-To: never
User-Agent: Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.90 (gnu/linux)
Cancel-Lock: sha1:bmyRSP4YdVdKiGFWBFlgVJ8tfM8=
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3)
X-Received-From: 80.91.229.12
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:147567
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/147567>

On Tue, 10 Jan 2012 13:51:13 +0100 Carsten Mattner <carstenmattner@googlemail.com> wrote: 

CM> isn't the secret to decrypt it available in emacs process space for
CM> ready retrieval?

Not necessarily.  But even if it is, the attacker has to know where to
find the private key and run non-trivial code to use it.  The risk is
smaller than plopping the secret data in plain view.

CM> usually you also overwrite that memory to prevent leakage as
CM> soon as possible.

Yes, and we've discussed how ELisp makes that hard, so this will require
work at the C level.  It's not trivial, absolutely.

CM> unlocking a keychain and keeping that "safe" open for the time
CM> a user is using the environment is common practice.

CM> aren't you going to implement something like gnome's or kde's
CM> locked keychain?

That's a possibility but not my target currently.

CM> there will be at least a couple users demanding integration with
CM> existing keychain systems (kde, osx, gnome, ...).

We have KDE+GNOME in auth-source already, through the Secrets API.  We
also had an attempt to provide an interface to the Mac OS X keychain
last year, but I don't think it was fruitful.

CM> git has recently implemented support for various systems with an
CM> abstraction layer and a caching "daemon".

Yes, I've followed Jeff King's patches with great interest, although I
was absolutely swamped last year and could not test them as I wanted to.
I intend to work on integrating VC and Magit with Git's credentials,
probably with auth-source support.

Ted