From: Richard Stallman
Reply-To: rms@gnu.org
To: Florian Weimer
Cc: satyaki@chicory.stanford.edu, Reiner.Steib@gmx.de, ueno@unixuser.org, ding@gnus.org, emacs-devel@gnu.org, jas@extundo.com
Newsgroups: gmane.emacs.devel,gmane.emacs.gnus.general
Subject: Re: Security flaw in pgg-gpg-process-region?
Date: Thu, 07 Sep 2006 17:13:51 -0400
In-reply-to: <87ac5coiva.fsf@mid.deneb.enyo.de> (message from Florian Weimer on Wed, 06 Sep 2006 22:11:37 +0200)

    As Greg suggested, the passphrase handling should be moved from
    Emacs into a separate process (which may request special
    privileges to lock memory regions etc.).

I agree it is a good solution. We would still face the issue of how users who never exit Emacs can provide the passphrase to gpg-agent thru the shell buffer without its being saved on disk.
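
The memory-locking helper suggested in the quoted text, sketched as an added example (not code from Emacs, pgg or GnuPG): a passphrase buffer that a separate process pins with mlock(), excludes from core dumps, and wipes after use. `struct secret`, the `secret_*` functions and `PASS_MAX` are hypothetical names, and delivery of the passphrase on stdin is an assumption.

```c
#include <string.h>
#include <unistd.h>
#include <sys/mman.h>
#include <sys/resource.h>
#define PASS_MAX 256   /* assumed bound on passphrase length */
struct secret { char buf[PASS_MAX]; size_t len; };

/* Zero through a volatile pointer so the compiler cannot drop the stores. */
static void secret_wipe(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* Before any secret arrives: no core dumps, buffer pinned. -1 if mlock fails. */
int secret_init(struct secret *s) {
    struct rlimit no_core = { 0, 0 };
    setrlimit(RLIMIT_CORE, &no_core);
    secret_wipe(s, sizeof *s);
    return mlock(s, sizeof *s);   /* can fail under RLIMIT_MEMLOCK */
}

/* Read one line into the pinned buffer; -1 (buffer wiped) on error/overlong. */
long secret_read_line(struct secret *s, int fd) {
    s->len = 0;
    while (s->len < PASS_MAX - 1) {
        ssize_t r = read(fd, &s->buf[s->len], 1);   /* no intermediate copy */
        if (r < 0) break;
        if (r == 0 || s->buf[s->len] == '\n') {
            s->buf[s->len] = '\0';
            return (long)s->len;
        }
        s->len++;
    }
    secret_wipe(s, sizeof *s);
    return -1;
}

void secret_destroy(struct secret *s) {
    secret_wipe(s, sizeof *s);    /* wipe first, then allow paging again */
    munlock(s, sizeof *s);
}

int main(void) {   /* passphrase on stdin; exit 2 if memory cannot be pinned */
    struct secret s;
    if (secret_init(&s) != 0) return 2;
    long n = secret_read_line(&s, STDIN_FILENO);
    secret_destroy(&s);
    return n < 0;
}
```

mlock() keeps the pages out of swap but not out of a hibernation image. It also does not cover text typed into an Emacs shell buffer, which is held by Emacs rather than by this process.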