From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/71170 Path: news.gmane.org!not-for-mail From: Ted Zlatanov Newsgroups: gmane.emacs.gnus.general Subject: Re: [gnus git] Add ~/.authinfo to the default, since that's probably most useful for users. Date: Sun, 19 Sep 2010 21:30:01 -0500 Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos Message-ID: <87fwx56tau.fsf@lifelogs.com> References: <87iq238tgr.fsf@lifelogs.com> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain X-Trace: dough.gmane.org 1284949828 15288 80.91.229.12 (20 Sep 2010 02:30:28 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Mon, 20 Sep 2010 02:30:28 +0000 (UTC) To: ding@gnus.org Original-X-From: ding-owner+M19543@lists.math.uh.edu Mon Sep 20 04:30:27 2010 Return-path: Envelope-to: ding-account@gmane.org Original-Received: from util0.math.uh.edu ([129.7.128.18]) by lo.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1OxW9B-0003Xv-MG for ding-account@gmane.org; Mon, 20 Sep 2010 04:30:25 +0200 Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu) by util0.math.uh.edu with smtp (Exim 4.63) (envelope-from ) id 1OxW93-0005i3-Rj; Sun, 19 Sep 2010 21:30:17 -0500 Original-Received: from mx2.math.uh.edu ([129.7.128.33]) by util0.math.uh.edu with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63) (envelope-from ) id 1OxW92-0005hn-AY for ding@lists.math.uh.edu; Sun, 19 Sep 2010 21:30:16 -0500 Original-Received: from quimby.gnus.org ([80.91.231.51]) by mx2.math.uh.edu with esmtp (Exim 4.72) (envelope-from ) id 1OxW8x-00047I-V6 for ding@lists.math.uh.edu; Sun, 19 Sep 2010 21:30:16 -0500 Original-Received: from lo.gmane.org ([80.91.229.12]) by quimby.gnus.org with esmtp (Exim 3.36 #1 (Debian)) id 1OxW8x-0003Is-00 for ; Mon, 20 Sep 2010 04:30:11 +0200 Original-Received: from list by lo.gmane.org with local (Exim 4.69) (envelope-from ) id 1OxW8v-0003S8-VJ for ding@gnus.org; Mon, 20 Sep 2010 04:30:09 +0200 Original-Received: from c-24-14-16-248.hsd1.il.comcast.net ([24.14.16.248]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Mon, 20 Sep 2010 04:30:09 +0200 Original-Received: from tzz by c-24-14-16-248.hsd1.il.comcast.net with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Mon, 20 Sep 2010 04:30:09 +0200 X-Injected-Via-Gmane: http://gmane.org/ Original-Lines: 64 Original-X-Complaints-To: usenet@dough.gmane.org X-Gmane-NNTP-Posting-Host: c-24-14-16-248.hsd1.il.comcast.net X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6;d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/24.0.50 (gnu/linux) Cancel-Lock: sha1:5mUf7hbyhqKaMudE+go9e6o+MyE= X-Spam-Score: -1.9 (-) List-ID: Precedence: bulk Xref: news.gmane.org gmane.emacs.gnus.general:71170 Archived-At: On Sat, 18 Sep 2010 13:47:39 +0200 Lars Magne Ingebrigtsen wrote: LMI> Ted Zlatanov writes: >> I was trying to discourage people from putting their password in an >> unencrypted file. So I'm sort of OK with making the unencrypted file >> the second choice, but I'd like to at least warn the user. WDYT? LMI> If it could be done unobtrusively... I don't really like software that LMI> tells me that what I'm doing is stupid, even though it's right. :-) An unobtrusive warning? That's pretty useless, better not to bother the user. On Sat, 18 Sep 2010 14:50:38 +0200 Sebastian Krause wrote: SK> Personally, I don't like to enter my long GnuPG password every time SK> I start up Gnus. It's entered once per Emacs session. If that's too much use the Secrets API (KWallet or Gnome Seahorse). SK> It's safe enough anyway because I use full disk encryption with SK> LUKS. That's a completely different type of security, though it's useful too. Your passwords are in the clear to anything running in your environment, right? SK> Or maybe those passwords are not too important because they're only SK> for a simple Usenet server. So, warning users shouldn't be too noisy SK> because there might be good reasons of using the unencrypted file. It's a balancing act (and a familiar problem since I've been a sysadmin for a long time). I'll just be quiet about this as long as it's the second default choice. On Sat, 18 Sep 2010 17:40:23 +0200 Lars Magne Ingebrigtsen wrote: LMI> And if there was a nice, painless road towards storing the passwords in LMI> ~/.authinfo.gpg, that would be nice. That is, if the user is queried LMI> for user name/password, then auth-source.el should store it encrypted, LMI> and not in the plain ~/.authinfo file. auth-source.el has nothing to do with it. All the work is done by EPA/EPG and I'm intentionally keeping auth-source.el agnostic of encryption issues beyond mentioning the .gpg extension. On Sat, 18 Sep 2010 23:29:01 +0200 Sebastian Krause wrote: SK> However, I just saw that even in case of an encrypted SK> ~/.authinfo.gpg it's pretty easy to find out my IMAP password if SK> Gnus is still running: It's simply shown in the *imap log* SK> buffer. It's probably because imap.gmail.com uses cleartext login SK> through SSL. Is there any way to not print out the password, but SK> some kind of placeholder instead? If the attacker has any access to Emacs, he can sniff the encryption passphrase from the auth-source.el cache. Sorry but ELisp (in Emacs or XEmacs) is just not a secure environment; auth-source.el tries to at least make it less necessary to store your passwords in an unencrypted location. Its main purpose is to provide a single place for all ELisp code to get authentication tokens. Ted