Re: smime.el: security concerns?

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: smime.el: security concerns?

From:	Richard Stallman
Subject:	Re: smime.el: security concerns?
Date:	Fri, 13 Jul 2007 19:08:57 -0400

      - `call-process' / `call-process-region' (temporary files in /tmp/?)
      - environment variable(s) for password passing
      - documentation encourages use of un-passworded .pem
      - password caching via elisp instead of external agent
        - personally avoid, even for tramp + SSH
      - the very manual .pem key/crt setup was tricky

We have eliminated the same problems in the rest of Emacs; shouldn't
we fix smime.el to get rid if them too?

[Prev in Thread]

Current Thread

[Next in Thread]

proposed patch to enable MH-E usage of GNU + EPG, timotheus, 2007/07/12
- Re: proposed patch to enable MH-E usage of GNU + EPG, Richard Stallman, 2007/07/12
  - Re: proposed patch to enable MH-E usage of GNU + EPG, Bill Wohler, 2007/07/13
    - Re: proposed patch to enable MH-E usage of GNU + EPG, timotheus, 2007/07/13
    - smime.el: security concerns? (was: proposed patch to enable MH-E usage of GNU + EPG), Reiner Steib, 2007/07/13
    - Re: smime.el: security concerns?, timotheus, 2007/07/13
    - Re: smime.el: security concerns?, Richard Stallman <=
    - Re: proposed patch to enable MH-E usage of GNU + EPG, Richard Stallman, 2007/07/13
    - Re: proposed patch to enable MH-E usage of GNU + EPG, timotheus, 2007/07/13
    - Re: proposed patch to enable MH-E usage of GNU + EPG, Richard Stallman, 2007/07/13

Prev by Date: Re: emacs.1 in Emacs 22
Next by Date: Re: bookmark.el patch for 1) other window and 2) C-x p instead of C-x r
Previous by thread: Re: smime.el: security concerns?
Next by thread: Re: proposed patch to enable MH-E usage of GNU + EPG
Index(es):
- Date
- Thread