From: Werner Koch
Newsgroups: gmane.emacs.devel
Subject: Re: Fix needed for communication with gpg-agent
Date: Mon, 26 Feb 2007 11:27:03 +0100
Message-ID: <878xelkydk.fsf@wheatstone.g10code.de>
Organisation: g10 Code GmbH
To: rms@gnu.org
Cc: wilde@sha-bang.de, Chong Yidong, ueno@unixuser.org, emacs-devel@gnu.org, miles@gnu.org

On Mon, 26 Feb 2007 04:27, rms@gnu.org said:

> If so, does turning off caching prevent THAT problem?

Not really. If someone is able to enter commands in Emacs, he will
also be able to read the memory of all user processes and thus find
cached passphrases. Or he might install a key logger or a trojan or
read confidential documents directly.

The passphrase is in fact a last line of defense. If someone can copy
the secret key he will often be able to figure out the passphrase
anyway (social engineering or dictionary attacks).

> If it does, should we document this? Or turn off caching by default?
> Or what?

Explain that one should not leave a terminal alone and that zeroing
out swap partitions before selling a box is suggested. Without caching
of passphrases, using crypto is too troublesome.

Shalom-Salam,

   Werner