[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Security flaw in pgg-gpg-process-region?
From: |
Richard Stallman |
Subject: |
Re: Security flaw in pgg-gpg-process-region? |
Date: |
Thu, 07 Sep 2006 17:13:40 -0400 |
As soon as the passphrase ends up
on disk, through a temp file, core file, swap space, the plan is
compromised. Programs like gnupg take care to mlock(2) or similar to
keep key data from being paged out. (One also needs to disable kernel
crash dumps.)
I think that the only feasible way Emacs could do that is with a
special C-level feature.
The right solution might instead be to push for gpg-agent to be
production ready, so that entire notion of emacs dealing with
passphrases can be deprecated.
What's the state of work on this?
- Re: Security flaw in pgg-gpg-process-region?, (continued)
- Re: Security flaw in pgg-gpg-process-region?, Florian Weimer, 2006/09/03
- Re: Security flaw in pgg-gpg-process-region?, Daiki Ueno, 2006/09/03
- Re: Security flaw in pgg-gpg-process-region?, Miles Bader, 2006/09/03
- Re: Security flaw in pgg-gpg-process-region?, Richard Stallman, 2006/09/05
- Re: Security flaw in pgg-gpg-process-region?, Daiki Ueno, 2006/09/05
- Re: Security flaw in pgg-gpg-process-region?, Richard Stallman, 2006/09/06
- Re: Security flaw in pgg-gpg-process-region?, Daiki Ueno, 2006/09/06
- Re: Security flaw in pgg-gpg-process-region?, Richard Stallman, 2006/09/07
- Re: Security flaw in pgg-gpg-process-region?, gdt, 2006/09/06
- Re: Security flaw in pgg-gpg-process-region?, Miles Bader, 2006/09/06
- Re: Security flaw in pgg-gpg-process-region?,
Richard Stallman <=
- Re: Security flaw in pgg-gpg-process-region?, Sascha Wilde, 2006/09/19
- Re: Security flaw in pgg-gpg-process-region?, Richard Stallman, 2006/09/19
- Re: Security flaw in pgg-gpg-process-region?, Florian Weimer, 2006/09/06
- Re: Security flaw in pgg-gpg-process-region?, Chong Yidong, 2006/09/07
- Re: Security flaw in pgg-gpg-process-region?, Richard Stallman, 2006/09/07