[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: secret strings

From: Stephen J. Turnbull
Subject: Re: secret strings
Date: Fri, 01 Apr 2011 23:38:20 +0900

Ted Zlatanov writes:

 > I'm not proposing a security model; the user protection is only
 > that there's a smaller chance an attacker would see the secret
 > strings in a memory image of the Emacs process.

My point is, if you have no security model, why bother?

It is very unlikely that an attack on Emacs memory would reveal
"secret strings".  If somebody cares about that small chance, they're
either kidding themselves, or they have a security model that will
tell them to *ignore* the autowiping GC, and wipe themselves.

Cleanliness-is-next-to-***liness-ly y'rs,

reply via email to

[Prev in Thread] Current Thread [Next in Thread]