[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security flaw in pgg-gpg-process-region?

From: Daiki Ueno
Subject: Re: Security flaw in pgg-gpg-process-region?
Date: Wed, 06 Sep 2006 18:25:48 +0900

>>>>> In <address@hidden> 
>>>>>   Richard Stallman <address@hidden> wrote:
>     Anyway, I fixed it in Gnus CVS so that passphrases are encoded with
>     locale-coding-system.  I'm not sure if we should add a new user option
>     to control the encoding.

> locale-coding-system exists to tell Emacs how to decode some system
> messages which are encoded (outside Emacs) in the current locale.  It
> seems to be wrong for this use.  Do you see some reason to think it is
> right?

> If you see a reason, please explain it to me.  Otherwise, please make
> a new option for this.

I have no reason.  I just followed the example of setenv which uses
locale-coding-system for encoding the value of envvars.

I prepared pgg-passphrase-coding-system in Gnus CVS.


$ grep locale-coding-system **/*.el | grep encode-coding-string
env.el:      (setq variable (encode-coding-string variable 
env.el:      (setq value (encode-coding-string value locale-coding-system)))
hexl.el:           (mapcar (lambda (s) (encode-coding-string s 
term/x-win.el:         (encode-coding-string text (or locale-coding-system

Daiki Ueno

reply via email to

[Prev in Thread] Current Thread [Next in Thread]