[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#19991: 24.3; insecure design or else bug: gpg passphrase persists wh
|
From: |
Tassilo Horn |
|
Subject: |
bug#19991: 24.3; insecure design or else bug: gpg passphrase persists when emacs is closed and re-opened |
|
Date: |
Tue, 03 Mar 2015 20:32:04 +0100 |
|
User-agent: |
Gnus/5.130012 (Ma Gnus v0.12) Emacs/25.0.50 (gnu/linux) |
Ed Green <eug2@psu.edu> writes:
Hi Ed,
> I opened emacs24 in xubuntu 14.04 with command "emacs&". In dired, I
> opened a gpg-encrypted file. I was prompted to supply my passphrase,
> after which the unencrypted text was displayed. I did not click the
> box labelled "Automatically unlock this key, whenever I'm logged in".
>
> Next, I closed emacs by clicking the 'x' in the corner of the window. I
> opened emacs in a new process with "emacs&". Again in dired, I opened a
> different gpg-encrypted file. The unencrypted text was immediately
> displayed, without my being prompted for a passphrase.
I guess that's not related to Emacs but instead the GPG Agent cached the
passphrase, and the second file you opened was encrypted with the same
public key as the former file. By default, the GPG Agent caches
passphrases for two hours:
,----[ (info "(gnupg)Agent Options") ]
| '--max-cache-ttl N'
| Set the maximum time a cache entry is valid to N seconds. After
| this time a cache entry will be expired even if it has been
| accessed recently or has been set using 'gpg-preset-passphrase'.
| The default is 2 hours (7200 seconds).
`----
Bye,
Tassilo