[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Fix needed for communication with gpg-agent
From: |
Chong Yidong |
Subject: |
Re: Fix needed for communication with gpg-agent |
Date: |
Thu, 22 Feb 2007 17:47:24 -0500 |
User-agent: |
Gnus/5.11 (Gnus v5.11) Emacs/22.0.93 (gnu/linux) |
Sascha Wilde <address@hidden> writes:
> I think this suggestion is based on a misunderstanding -- the security
> problems in the current implementation (when not using gpg-agent) has
> nothing to do with caching, it comes form the fact, that emacs writes
> the the passphrase to an temporary file (which is then feed to gpg).
Maybe I'm confused, but I think this is not the problem.
>From what I recall, the issue was that an older version of pgg used
the function call-process-region. This was a genuine security hole,
since call-process-region uses a tempfile to communicate with the
process.
The current version of pgg in Emacs CVS uses start-process to create
an asynchronous gpg process, and communicates with it using
process-send-string. On systems that support ptys, Emacs communicates
with asynchronous processes through ptys (see create_process in
process.c:1815), not tempfiles.
Unless there is some security risk in the way we use ptys that I'm not
aware of, I don't think there is a problem in the way we communicate
with gpg.
- Re: Fix needed for communication with gpg-agent, (continued)
Re: Fix needed for communication with gpg-agent, Miles Bader, 2007/02/19
- Re: Fix needed for communication with gpg-agent, Chong Yidong, 2007/02/19
- Re: Fix needed for communication with gpg-agent, Chong Yidong, 2007/02/22
- Re: Fix needed for communication with gpg-agent, Chong Yidong, 2007/02/22
- Re: Fix needed for communication with gpg-agent, Werner Koch, 2007/02/23
- Re: Fix needed for communication with gpg-agent, Chong Yidong, 2007/02/22
- Re: Fix needed for communication with gpg-agent, Sascha Wilde, 2007/02/22
- Re: Fix needed for communication with gpg-agent,
Chong Yidong <=
- Re: Fix needed for communication with gpg-agent, Sascha Wilde, 2007/02/23
- Re: Fix needed for communication with gpg-agent, Richard Stallman, 2007/02/24
Re: Fix needed for communication with gpg-agent, Richard Stallman, 2007/02/23
Re: Fix needed for communication with gpg-agent, Sascha Wilde, 2007/02/23
Re: Fix needed for communication with gpg-agent, Richard Stallman, 2007/02/24
Re: Fix needed for communication with gpg-agent, Chong Yidong, 2007/02/25
Re: Fix needed for communication with gpg-agent, Andreas Schwab, 2007/02/25
Re: Fix needed for communication with gpg-agent, David Kastrup, 2007/02/25
Re: Fix needed for communication with gpg-agent, Richard Stallman, 2007/02/25
Re: Fix needed for communication with gpg-agent, Werner Koch, 2007/02/26