[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Fix needed for communication with gpg-agent

From: Chong Yidong
Subject: Re: Fix needed for communication with gpg-agent
Date: Sun, 25 Feb 2007 14:32:16 -0500
User-agent: Gnus/5.11 (Gnus v5.11) Emacs/22.0.94 (gnu/linux)

Richard Stallman <address@hidden> writes:

>     But there are still some more subtle security problems left, which
>     IIRC were discussed in the original thread, too:  If emacs caches the
>     passphrase there is no way to protect the passphrase from being
>     written to swap, when the system decides to swap out parts of emacs.
> If we turn off caching of the passphrase in Emacs, does this problem
> go away?

Not really.

The risk here occurs when you have a password stored in cleartext in
memory (for example, it is stored in the Lisp string just before we
are about to send it to gpg).  If memory get written to the swap file,
it can be read by root.

This is arguably a security hole because it makes it too easy for root
to find people's passwords (granted, root can easily steal passwords
anyway, but it arguably shouldn't be *this* easy.)

But if you are concerned enough about root stealing your passwords in
this way, you wouldn't mind running in X or performing the other
workarounds that exist for that problem.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]