From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Ted Zlatanov <tzz@lifelogs.com>
Newsgroups: gmane.emacs.devel
Subject: Re: can emacs use the mac os x keychain?
Date: Sat, 31 Jul 2010 21:53:39 -0500
Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos
Message-ID: <87d3u3cabw.fsf@lifelogs.com>
References: <370a1897-25aa-418f-9631-1570dfa99de3@z7g2000yqb.googlegroups.com>
	<barmar-C56D33.00021721042010@news.eternal-september.org>
	<87633kaess.fsf@lifelogs.com>
	<8d7c78ee-6ba8-448a-8f86-3d585e1af77f@u32g2000vbc.googlegroups.com>
	<87vd8z2myy.fsf@lifelogs.com>
	<01ea3506-d715-491d-b360-3abf34e98013@i31g2000yqm.googlegroups.com>
	<87r5iq1hjk.fsf@lifelogs.com> <871vanu08g.fsf@lifelogs.com>
	<wlocdpltct.wl%mituharu@math.s.chiba-u.ac.jp>
	<87sk31nlv7.fsf@lifelogs.com>
	<wlzkx72jjw.wl%mituharu@math.s.chiba-u.ac.jp>
NNTP-Posting-Host: lo.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Trace: dough.gmane.org 1280631243 7645 80.91.229.12 (1 Aug 2010 02:54:03 GMT)
X-Complaints-To: usenet@dough.gmane.org
NNTP-Posting-Date: Sun, 1 Aug 2010 02:54:03 +0000 (UTC)
Cc: adrian.b.robert@gmail.com
To: emacs-devel@gnu.org
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Sun Aug 01 04:54:02 2010
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([199.232.76.165])
	by lo.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1OfOgZ-0006CP-RV
	for ged-emacs-devel@m.gmane.org; Sun, 01 Aug 2010 04:54:00 +0200
Original-Received: from localhost ([127.0.0.1]:35216 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43)
	id 1OfOgZ-0004YO-Cu
	for ged-emacs-devel@m.gmane.org; Sat, 31 Jul 2010 22:53:59 -0400
Original-Received: from [140.186.70.92] (port=51253 helo=eggs.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1OfOgU-0004YI-1I
	for emacs-devel@gnu.org; Sat, 31 Jul 2010 22:53:54 -0400
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.69)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1OfOgS-0001T4-FZ
	for emacs-devel@gnu.org; Sat, 31 Jul 2010 22:53:53 -0400
Original-Received: from lo.gmane.org ([80.91.229.12]:39286)
	by eggs.gnu.org with esmtp (Exim 4.69)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1OfOgS-0001Ss-0i
	for emacs-devel@gnu.org; Sat, 31 Jul 2010 22:53:52 -0400
Original-Received: from list by lo.gmane.org with local (Exim 4.69)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1OfOgM-0006Am-EH
	for emacs-devel@gnu.org; Sun, 01 Aug 2010 04:53:46 +0200
Original-Received: from c-98-227-29-141.hsd1.il.comcast.net ([98.227.29.141])
	by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Sun, 01 Aug 2010 04:53:46 +0200
Original-Received: from tzz by c-98-227-29-141.hsd1.il.comcast.net with local (Gmexim
	0.1 (Debian)) id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Sun, 01 Aug 2010 04:53:46 +0200
X-Injected-Via-Gmane: http://gmane.org/
Original-Lines: 25
Original-X-Complaints-To: usenet@dough.gmane.org
X-Gmane-NNTP-Posting-Host: c-98-227-29-141.hsd1.il.comcast.net
X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6;
	d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT=
	D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx"
User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/24.0.50 (gnu/linux)
Cancel-Lock: sha1:zKZKSGKYeKfhYiNz0VsM7FGxdMU=
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3)
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:128074
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/128074>

On Sun, 01 Aug 2010 10:44:35 +0900 YAMAMOTO Mitsuharu <mituharu@math.s.chiba-u.ac.jp> wrote: 

>>>>>> On Fri, 30 Jul 2010 08:24:28 -0500, Ted Zlatanov <tzz@lifelogs.com> said:
>> If /usr/bin/security can handle regular and internet keychains (the
>> two types David Reitter mentioned) then it's sufficient in terms of
>> backend functionality.  I don't think it can ever be as secure,
>> however, as a direct C call, so for security I'd rather use direct C
>> calls if that's an option.

YM> One drawback of the use of /usr/bin/security would be that the user
YM> might grant the generic command `security' access to the item by
YM> adding it to the "trusted applications" list in order to avoid the
YM> application access confirmation dialog.

YM> It might be desirable to call Keychain API directly rather than via
YM> the `security' command so that the keychain can know which application
YM> wants to access the item in a more specific way.

Thank you for your explanation.  Since we are in agreement on using the
C API directly, I hope you, David, or Adrian (or someone else willing to
contribute) find the time to implement these calls and provide an ELisp
layer on top.

Thank you
Ted