[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Security flaw in pgg-gpg-process-region?
|
From: |
Sascha Wilde |
|
Subject: |
Re: Security flaw in pgg-gpg-process-region? |
|
Date: |
Sat, 11 Nov 2006 23:00:38 +0100 |
|
User-agent: |
Gnus/5.11 (Gnus v5.11) Emacs/22.0.90 (gnu/linux) |
Richard Stallman <address@hidden> wrote:
First of all: sorry for this _really_ late reply...
> Finlay I do agree that the current handling of passphrases in Emacs is
> a serious security problem, which should be solved.
>
> The solution of waiting a while and urging people to start using
> gpg-agent is by far the easiest.
Ack. This is a working solution, and as it seems the only realistic
for the upcoming release.
> If you think we need another interim solution, would you please
> implement it?
I thought of it, but as far as I can see the necessary changes would
involve some substantial changes/extensions of parts of emacs I'm not
very familiar with -- so I guess it wouldn't be a good thing to do at
this point of time.
Maybe we should point out the problem somewhere in the docs?
cheers
sascha
--
Sascha Wilde
Real programmers don't want "what you see is what you get", they want
"you asked for it, you got it". They want editors that are terse,
powerful, cryptic, and unforgiving. In a word, Teco.
- Re: Security flaw in pgg-gpg-process-region?,
Sascha Wilde <=