From: Sascha Wilde <wilde@sha-bang.de>
Cc: gdt@work.lexort.com, satyaki@chicory.stanford.edu,
Reiner.Steib@gmx.de, ueno@unixuser.org, ding@gnus.org,
emacs-devel@gnu.org, Werner Koch <wk@gnupg.org>,
fw@deneb.enyo.de, jas@extundo.com
Subject: Re: Security flaw in pgg-gpg-process-region?
Date: Tue, 19 Sep 2006 12:02:17 +0200 [thread overview]
Message-ID: <m2wt808992.fsf@kenny.sha-bang.de> (raw)
In-Reply-To: <E1GLRBs-0000Wx-NR@fencepost.gnu.org> (Richard Stallman's message of "Thu\, 07 Sep 2006 17\:13\:40 -0400")
Richard Stallman <rms@gnu.org> wrote:
> The right solution might instead be to push for gpg-agent to be
> production ready, so that entire notion of emacs dealing with
> passphrases can be deprecated.
>
> What's the state of work on this?
Apart from the general problems with gpg-agent/pinentry (it seems
gpg-agent is optimized for use with card readers) the use of gpg-agent
is integrated and documented in the current PGG from CVS Emacs as well
as in the current released version of gnus.
Non the less Miles is right, that there are known issues when using
pinentry, and gpg-agent is not yet part of the stable gnupg releases.
So I would say that deprecating input of key passphrases into Emacs is
not an option yet.
Finlay I do agree that the current handling of passphrases in Emacs is
a serious security problem, which should be solved.
cheers
sascha
--
Sascha Wilde
- no sig today... sorry!
next prev parent reply other threads:[~2006-09-19 10:02 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-04-26 12:41 pgg-output-buffer gets created as a unibyte buffer Katsumi Yamaoka
2006-04-26 13:22 ` Daiki Ueno
2006-04-26 22:27 ` Katsumi Yamaoka
2006-04-27 7:01 ` Katsumi Yamaoka
2006-04-27 9:36 ` Daiki Ueno
2006-04-27 10:19 ` Katsumi Yamaoka
2006-04-27 10:48 ` Katsumi Yamaoka
2006-04-27 14:45 ` Daiki Ueno
2006-04-27 15:23 ` Romain Francoise
2006-05-06 12:37 ` pgg-gpg-process-region (was: pgg-output-buffer gets created as a unibyte buffer) Reiner Steib
2006-09-02 11:16 ` Security flaw in pgg-gpg-process-region? (was: pgg-gpg-process-region) Reiner Steib
2006-09-02 13:16 ` Security flaw in pgg-gpg-process-region? Daiki Ueno
2006-09-02 13:49 ` Daiki Ueno
2006-09-03 15:16 ` Richard Stallman
2006-09-04 1:36 ` Daiki Ueno
2006-09-04 17:18 ` Richard Stallman
2006-09-04 17:45 ` Daiki Ueno
2006-09-04 17:48 ` David Kastrup
2006-09-05 5:06 ` Daiki Ueno
2006-09-05 15:10 ` Chong Yidong
2006-09-06 8:49 ` Richard Stallman
2006-09-06 9:25 ` Daiki Ueno
2006-09-07 6:54 ` Richard Stallman
2006-09-06 8:49 ` Richard Stallman
2006-09-03 15:16 ` Security flaw in pgg-gpg-process-region? (was: pgg-gpg-process-region) Richard Stallman
2006-09-03 16:28 ` Security flaw in pgg-gpg-process-region? Florian Weimer
2006-09-04 2:04 ` Daiki Ueno
2006-09-04 2:25 ` Miles Bader
2006-09-05 9:43 ` Richard Stallman
2006-09-05 11:57 ` Daiki Ueno
2006-09-06 19:05 ` Richard Stallman
2006-09-06 19:33 ` gdt
2006-09-06 21:33 ` Miles Bader
2006-09-07 21:13 ` Richard Stallman
2006-09-19 10:02 ` Sascha Wilde [this message]
2006-09-19 22:56 ` Richard Stallman
2006-11-11 22:00 ` Sascha Wilde
2006-11-12 21:12 ` Richard Stallman
2006-11-12 21:38 ` Sascha Wilde
2006-11-13 20:15 ` Richard Stallman
2006-11-14 11:11 ` Sascha Wilde
2006-09-06 22:44 ` Daiki Ueno
2006-09-07 21:14 ` Richard Stallman
2006-09-06 20:11 ` Florian Weimer
2006-09-07 14:12 ` Chong Yidong
2006-09-07 21:13 ` Richard Stallman
2006-04-27 16:08 ` pgg-output-buffer gets created as a unibyte buffer Katsumi Yamaoka
2006-04-28 5:18 ` Katsumi Yamaoka
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m2wt808992.fsf@kenny.sha-bang.de \
--to=wilde@sha-bang.de \
--cc=Reiner.Steib@gmx.de \
--cc=ding@gnus.org \
--cc=emacs-devel@gnu.org \
--cc=fw@deneb.enyo.de \
--cc=gdt@work.lexort.com \
--cc=jas@extundo.com \
--cc=satyaki@chicory.stanford.edu \
--cc=ueno@unixuser.org \
--cc=wk@gnupg.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).