Re: Security flaw in pgg-gpg-process-region?

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security flaw in pgg-gpg-process-region?

From:	gdt
Subject:	Re: Security flaw in pgg-gpg-process-region?
Date:	Wed, 06 Sep 2006 15:33:46 -0400
User-agent:	Gnus/5.110006 (No Gnus v0.6) Emacs/21.4 (berkeley-unix)

I think there's a higher-level point that hasn't been made explicit,
although I'm sure it's what Daiki is thinking: Anything that can cause
the passphrase to be written to the filesystem is horribly broken; the
whole point of the passphrase is that while the secret key (encrypted
in the passphrase) is on disk, without the passphrase one can't get
the key even if one has the disk.  As soon as the passphrase ends up
on disk, through a temp file, core file, swap space, the plan is
compromised.  Programs like gnupg take care to mlock(2) or similar to
keep key data from being paged out.  (One also needs to disable kernel
crash dumps.)

The right solution might instead be to push for gpg-agent to be
production ready, so that entire notion of emacs dealing with
passphrases can be deprecated.

-- 
    Greg Troxel <address@hidden>

pgp812pv91cJ1.pgp
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

Re: Security flaw in pgg-gpg-process-region?, (continued)
- Re: Security flaw in pgg-gpg-process-region? (was: pgg-gpg-process-region), Richard Stallman, 2006/09/03
- Re: Security flaw in pgg-gpg-process-region?, Florian Weimer, 2006/09/03
  - Re: Security flaw in pgg-gpg-process-region?, Daiki Ueno, 2006/09/03
    - Re: Security flaw in pgg-gpg-process-region?, Miles Bader, 2006/09/03
    - Re: Security flaw in pgg-gpg-process-region?, Richard Stallman, 2006/09/05
    - Re: Security flaw in pgg-gpg-process-region?, Daiki Ueno, 2006/09/05
    - Re: Security flaw in pgg-gpg-process-region?, Richard Stallman, 2006/09/06
    - Re: Security flaw in pgg-gpg-process-region?, Daiki Ueno, 2006/09/06
    - Re: Security flaw in pgg-gpg-process-region?, Richard Stallman, 2006/09/07
    - Re: Security flaw in pgg-gpg-process-region?, gdt <=
    - Re: Security flaw in pgg-gpg-process-region?, Miles Bader, 2006/09/06
    - Re: Security flaw in pgg-gpg-process-region?, Richard Stallman, 2006/09/07
    - Re: Security flaw in pgg-gpg-process-region?, Sascha Wilde, 2006/09/19
    - Re: Security flaw in pgg-gpg-process-region?, Richard Stallman, 2006/09/19
    - Re: Security flaw in pgg-gpg-process-region?, Florian Weimer, 2006/09/06
    - Re: Security flaw in pgg-gpg-process-region?, Chong Yidong, 2006/09/07
    - Re: Security flaw in pgg-gpg-process-region?, Richard Stallman, 2006/09/07

Prev by Date: Latest GCC can't compile keymap.c correctly.
Next by Date: Re: shell-command-on-region and coding
Previous by thread: Re: Security flaw in pgg-gpg-process-region?
Next by thread: Re: Security flaw in pgg-gpg-process-region?
Index(es):
- Date
- Thread