From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Thierry Volpiatto <thierry.volpiatto@gmail.com>
Newsgroups: gmane.emacs.devel
Subject: Re: bug: epg send unencrypted data in trash
Date: Fri, 11 Feb 2011 19:16:13 +0100
Message-ID: <87k4h6sahe.fsf@gmail.com>
References: <87oc6jav1s.fsf@gmail.com>
NNTP-Posting-Host: lo.gmane.org
Mime-Version: 1.0
Content-Type: text/plain
X-Trace: dough.gmane.org 1297448360 31912 80.91.229.12 (11 Feb 2011 18:19:20 GMT)
X-Complaints-To: usenet@dough.gmane.org
NNTP-Posting-Date: Fri, 11 Feb 2011 18:19:20 +0000 (UTC)
To: emacs-devel@gnu.org
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Fri Feb 11 19:19:16 2011
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([199.232.76.165])
	by lo.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1PnxaN-0003R2-Ce
	for ged-emacs-devel@m.gmane.org; Fri, 11 Feb 2011 19:19:15 +0100
Original-Received: from localhost ([127.0.0.1]:35825 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43)
	id 1PnxY5-0005Cm-0G
	for ged-emacs-devel@m.gmane.org; Fri, 11 Feb 2011 13:16:53 -0500
Original-Received: from [140.186.70.92] (port=44195 helo=eggs.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1PnxXi-00051j-NK
	for emacs-devel@gnu.org; Fri, 11 Feb 2011 13:16:31 -0500
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1PnxXh-0003jQ-Kj
	for emacs-devel@gnu.org; Fri, 11 Feb 2011 13:16:30 -0500
Original-Received: from lo.gmane.org ([80.91.229.12]:46151)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1PnxXh-0003jB-9h
	for emacs-devel@gnu.org; Fri, 11 Feb 2011 13:16:29 -0500
Original-Received: from list by lo.gmane.org with local (Exim 4.69)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1PnxXe-000117-LZ
	for emacs-devel@gnu.org; Fri, 11 Feb 2011 19:16:26 +0100
Original-Received: from 131.78.88-79.rev.gaoland.net ([79.88.78.131])
	by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Fri, 11 Feb 2011 19:16:26 +0100
Original-Received: from thierry.volpiatto by 131.78.88-79.rev.gaoland.net with local
	(Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Fri, 11 Feb 2011 19:16:26 +0100
X-Injected-Via-Gmane: http://gmane.org/
Original-Lines: 30
Original-X-Complaints-To: usenet@dough.gmane.org
X-Gmane-NNTP-Posting-Host: 131.78.88-79.rev.gaoland.net
User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.2.93 (gnu/linux)
Cancel-Lock: sha1:Qv23UvbfG7CDx7Va27tZ5Dhhkf0=
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3)
X-Received-From: 80.91.229.12
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:135903
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/135903>

Thierry Volpiatto <thierry.volpiatto@gmail.com> writes:

> Hi,
> i start using recently delete-by-moving-to-trash.(i had no trash before)
> So now when i decrypt a file and read it in emacs, i have an unencrypted
> file world readable 'epg-output-xxx' in the trash.
> That's bad.

So if one use gnus with a .authinfo.gpg, and use also
delete-by-moving-to-trash, he will have the bad surprise to find his
authinfo data in clear text in the trash.

Maybe let-bind delete-by-moving-to-trash in epg-delete-output-file would
be good.
It's what i will do here anyway.


(defun epg-delete-output-file (context)
  "Delete the output file of CONTEXT."
  (let ((delete-by-moving-to-trash nil))
    (when (and (epg-context-output-file context)
             (file-exists-p (epg-context-output-file context)))
      (delete-file (epg-context-output-file context)))))

With this change, data in clear text will never go to trash.

-- 
A+ Thierry
Get my Gnupg key:
gpg --keyserver pgp.mit.edu --recv-keys 59F29997