Re: secret strings

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: secret strings

From:	Stephen J. Turnbull
Subject:	Re: secret strings
Date:	Fri, 01 Apr 2011 23:38:20 +0900

Ted Zlatanov writes:

 > I'm not proposing a security model; the user protection is only
 > that there's a smaller chance an attacker would see the secret
 > strings in a memory image of the Emacs process.

My point is, if you have no security model, why bother?

It is very unlikely that an attack on Emacs memory would reveal
"secret strings".  If somebody cares about that small chance, they're
either kidding themselves, or they have a security model that will
tell them to *ignore* the autowiping GC, and wipe themselves.

Cleanliness-is-next-to-***liness-ly y'rs,

[Prev in Thread]

Current Thread

[Next in Thread]

secret strings (was: lexbind: how to replace lexical-let approach to hide secrets), Ted Zlatanov, 2011/04/01
- secret strings (was: lexbind: how to replace lexical-let approach to hide secrets), Stephen J. Turnbull, 2011/04/01
  - Re: secret strings, Ted Zlatanov, 2011/04/01
    - Re: secret strings, Stephen J. Turnbull <=
    - Re: secret strings, Ted Zlatanov, 2011/04/01
    - Re: secret strings, Stephen J. Turnbull, 2011/04/01
    - Re: secret strings, Ted Zlatanov, 2011/04/01
    - Re: secret strings, Stefan Monnier, 2011/04/01
    - Re: secret strings, Ted Zlatanov, 2011/04/01
    - Re: secret strings, Stefan Monnier, 2011/04/01

Prev by Date: Re: Please don't use revision numbers on commit messages (and elsewhere).
Next by Date: Re: Please don't use revision numbers on commit messages (and elsewhere).
Previous by thread: Re: secret strings
Next by thread: Re: secret strings
Index(es):
- Date
- Thread