[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Wherein I argue for the inclusion of libnettle in Emacs 24.5

From: Daiki Ueno
Subject: Re: Wherein I argue for the inclusion of libnettle in Emacs 24.5
Date: Fri, 07 Feb 2014 18:07:35 +0900
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3.50 (gnu/linux)

Ted Zlatanov <address@hidden> writes:

> What do you think happens when you open a .gpg file using GnuPG
> externally, even disregarding the OS channels traveled?  That data is
> certainly not safe from defadvice.

Didn't I ever say:

- Once an attacker successfully takes over your desktop session, he can
  do almost everything.  We can't do much on that situation.  Why don't
  you lock the screen before leaving?

- More possible threat is inspecting persistent data (e.g. core files on
  a disk attached to a stolen note PC).  GnuPG is designed to be secure
  against this, using "secure core".

- On the other hand, Emacs copies small strings around.  If passwords
  (normally not too long) are managed poorly in Emacs, they might appear
  repeatedly in a core file, when it crashes.

> Emacs as a whole could use a way to hide "data not intended for direct
> user inspection" better, and provide for a "tainting" trace of data
> (to use the Perl term).

Interesting.  Any prior art on that area?  I haven't heard the word
"tainting" used in that way.  Isn't it for preventing untrusted data
being injected to, say, SQL?
Daiki Ueno

reply via email to

[Prev in Thread] Current Thread [Next in Thread]