Re: patch to include EasyPG to Emacs

[Daiki Ueno]

2008/2/15, Sascha Wilde <address@hidden>:
>  There is still the problem, that one can't prevent Emacs from swapping
>  out the content of such an buffer -- but that's a more generic problem
>  (which was discussed briefly in an earlier thread IIRC).

Of course.  However, I think that it is a reasonable trade-off between
security and usability.  If it is a real problem, every program
(outside Emacs) which interacts with GnuPG has the same problem unless
it does mprotect(2) decrypted content by themselves, which requires
root privilege at all times.

IMHO, there is the order of priority of credentials.  That is:

public key encryption passphrases > symmetric encryption passphrases >
decrypted contents

I think the first two should always be protected, but for the last
one, the way of protection is application dependent.

Regards,
-- 
Daiki Ueno