From: Richard Stallman
Newsgroups: gmane.emacs.devel
Subject: Re: Fix needed for communication with gpg-agent
Date: Sun, 25 Feb 2007 22:27:47 -0500
Reply-To: rms@gnu.org
To: Chong Yidong
Cc: wilde@sha-bang.de, wk@gnupg.org, miles@gnu.org, ueno@unixuser.org, emacs-devel@gnu.org
In-reply-to: <87bqjivxrz.fsf@stupidchicken.com> (message from Chong Yidong on Sun, 25 Feb 2007 14:32:16 -0500)

> If we turn off caching of the passphrase in Emacs, does this problem
> go away?

Not really. The risk here occurs when you have a password stored in
cleartext in memory (for example, it is stored in the Lisp string just
before we are about to send it to gpg). If memory gets written to the
swap file, it can be read by root.

If the passphrase is cached in Emacs, I presume someone walking up to
your terminal could type commands at Emacs and find it. Is that
right?

If so, does turning off caching prevent THAT problem?

If it does, should we document this? Or turn off caching by default?
Or what?
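The swap risk described in the message above is usually handled in C programs by pinning the secret's pages in RAM and zeroing them right after the last use. The following is an added example, not part of the original message and not Emacs or GnuPG code; the `secret_buf` type, the `secret_*` helpers and the sample passphrase are hypothetical names and values constructed for illustration.

```c
#define _DEFAULT_SOURCE            /* MAP_ANONYMOUS on glibc */
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical helper: page-aligned passphrase storage pinned in RAM. */
typedef struct { char *data; size_t size; int locked; } secret_buf;

int secret_alloc(secret_buf *b, size_t want) {
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    size_t size = (want + page - 1) / page * page;   /* round up to pages */
    void *p = mmap(NULL, size, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return -1;
    b->data = p;
    b->size = size;
    /* mlock keeps these pages out of swap; it can fail under RLIMIT_MEMLOCK,
       so record the outcome and let the caller decide whether to proceed. */
    b->locked = (mlock(p, size) == 0);
    return 0;
}

/* Zero through a volatile pointer so the compiler cannot drop the stores. */
void secret_wipe(secret_buf *b) {
    volatile char *v = b->data;
    for (size_t i = 0; i < b->size; i++) v[i] = 0;
}

/* Count bytes still holding data; used to check that a wipe took effect. */
size_t secret_nonzero(const secret_buf *b) {
    size_t n = 0;
    for (size_t i = 0; i < b->size; i++) n += (b->data[i] != 0);
    return n;
}

void secret_free(secret_buf *b) {
    secret_wipe(b);
    munmap(b->data, b->size);      /* unmapping also drops the lock */
    b->data = NULL; b->size = 0; b->locked = 0;
}

int main(void) {
    secret_buf b;
    if (secret_alloc(&b, 128) != 0) return 1;
    strcpy(b.data, "constructed passphrase");   /* constructed sample value */
    printf("locked=%d bytes in use=%zu\n", b.locked, secret_nonzero(&b));
    secret_wipe(&b);                             /* right after the last use */
    printf("after wipe: %zu\n", secret_nonzero(&b));
    secret_free(&b);
    return 0;
}
```

This covers only the swap exposure; it does nothing about the second concern in the message, a cached passphrase being retrievable by someone with access to the running session.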