[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Fix needed for communication with gpg-agent

From: Richard Stallman
Subject: Re: Fix needed for communication with gpg-agent
Date: Sun, 25 Feb 2007 22:27:47 -0500

    > If we turn off caching of the passphrase in Emacs, does this problem
    > go away?

    Not really.

    The risk here occurs when you have a password stored in cleartext in
    memory (for example, it is stored in the Lisp string just before we
    are about to send it to gpg).  If memory get written to the swap file,
    it can be read by root.

If the passphrase is cached in Emacs, I presume someone walking up to
your terminal could type commands at Emacs and find it.  Is that

If so, does turning off caching prevent THAT problem?

If it does, should we document this?  Or turn off caching by default?
Or what?

reply via email to

[Prev in Thread] Current Thread [Next in Thread]