From mboxrd@z Thu Jan  1 00:00:00 1970
X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/63641
Path: news.gmane.org!not-for-mail
From: Daiki Ueno <ueno@unixuser.org>
Newsgroups: gmane.emacs.devel,gmane.emacs.gnus.general
Subject: Re: Security flaw in pgg-gpg-process-region?
Date: Mon, 04 Sep 2006 11:04:38 +0900
Message-ID: <e0049689-8507-4a77-9b09-447f21211249@broken.deisui.org>
References: <b4maca88q6i.fsf@jpl.org>
	<def1aabc-69b9-4b1d-bb84-e65c63540eac@well-done.deisui.org>
	<b4mmze82cse.fsf@jpl.org> <b4mwtdbfqob.fsf@jpl.org>
	<9c79059a-61a9-4fa4-8376-638753320a14@well-done.deisui.org>
	<b4mpsj3gw1s.fsf@jpl.org> <b4my7xrfg5o.fsf@jpl.org>
	<4aaf7080-0e3d-4a75-aff5-f9d5bcd0437f@well-done.deisui.org>
	<87fyjz2gaj.fsf@pacem.orebokech.com>
	<v9iroj49cz.fsf@marauder.physik.uni-ulm.de>
	<v9mz9itt6y.fsf_-_@marauder.physik.uni-ulm.de>
	<87ac5gnccs.fsf@mid.deneb.enyo.de>
NNTP-Posting-Host: main.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Trace: sea.gmane.org 1157335503 5254 80.91.229.2 (4 Sep 2006 02:05:03 GMT)
X-Complaints-To: usenet@sea.gmane.org
NNTP-Posting-Date: Mon, 4 Sep 2006 02:05:03 +0000 (UTC)
Cc: Simon Josefsson <jas@extundo.com>,
	Satyaki Das <satyaki@chicory.stanford.edu>, ding@gnus.org,
	Reiner Steib <Reiner.Steib@gmx.de>, emacs-devel@gnu.org
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Mon Sep 04 04:05:02 2006
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([199.232.76.165])
	by ciao.gmane.org with esmtp (Exim 4.43)
	id 1GK3pc-0006IF-T4
	for ged-emacs-devel@m.gmane.org; Mon, 04 Sep 2006 04:05:01 +0200
Original-Received: from localhost ([127.0.0.1] helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43)
	id 1GK3pc-0000hd-HO
	for ged-emacs-devel@m.gmane.org; Sun, 03 Sep 2006 22:05:00 -0400
Original-Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1GK3pP-0000e4-Im
	for emacs-devel@gnu.org; Sun, 03 Sep 2006 22:04:47 -0400
Original-Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1GK3pM-0000WC-7e
	for emacs-devel@gnu.org; Sun, 03 Sep 2006 22:04:46 -0400
Original-Received: from [199.232.76.173] (helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1GK3pM-0000Vn-0P
	for emacs-devel@gnu.org; Sun, 03 Sep 2006 22:04:44 -0400
Original-Received: from [64.233.162.203] (helo=nz-out-0102.google.com)
	by monty-python.gnu.org with esmtp (Exim 4.52) id 1GK3zm-00051g-09
	for emacs-devel@gnu.org; Sun, 03 Sep 2006 22:15:30 -0400
Original-Received: by nz-out-0102.google.com with SMTP id z31so758224nzd
	for <emacs-devel@gnu.org>; Sun, 03 Sep 2006 19:04:43 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com;
	h=received:from:to:cc:subject:references:date:in-reply-to:message-id:user-agent:mime-version:content-type:sender;
	b=gU3wQDyzIh/tkmLsMpxDFQpuM6QWdPYqvxCO8LP7hEroYxvCfI1j44UP3O5rMSLUvQRvb+yVeub9vzSpARI8vlVJNX7BSuGFjuPSR5SfmnB18zgO8l6np1xHJ7HQ/B01p4ryQyYsm2HNa8jgsy0cVfrjK/1r8E9hEheYwc8qx9k=
Original-Received: by 10.65.122.15 with SMTP id z15mr4751451qbm;
	Sun, 03 Sep 2006 19:04:43 -0700 (PDT)
Original-Received: from p360 ( [150.82.173.221])
	by mx.gmail.com with ESMTP id m1sm2131712nzf.2006.09.03.19.04.41;
	Sun, 03 Sep 2006 19:04:42 -0700 (PDT)
Original-To: Florian Weimer <fw@deneb.enyo.de>
In-Reply-To: <87ac5gnccs.fsf@mid.deneb.enyo.de> (Florian Weimer's message of
	"Sun, 03 Sep 2006 18:28:35 +0200")
User-Agent: Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.50 (gnu/linux)
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:59300 gmane.emacs.gnus.general:63641
Archived-At: <http://permalink.gmane.org/gmane.emacs.gnus.general/63641>

>>>>> In <87ac5gnccs.fsf@mid.deneb.enyo.de> 
>>>>>	Florian Weimer <fw@deneb.enyo.de> wrote:
> * Reiner Steib:

> > In current Emacs CVS in fact `call-process-region' uses temp files.
> > Bad.  I think this is a severe security problem, isn't it?

> Why?  AFAICS, Emacs uses mkstemp when available, which should get the
> permissions right.

May I answer the question on behalf of Reiner Steib?

When decrypting PGP messages PGG will send your passphrase along with
data, so if Emacs process is killed and you have stolen your note PC,
your passphrase can also be stolen from the temp file.

Regards,
-- 
Daiki Ueno