Re: Storing sensitive data indefinitely in variables or buffers: Whether
From: Ihor Radchenko
Subject: Re: Storing sensitive data indefinitely in variables or buffers: Whether and how to fix?
Date: Wed, 31 May 2023 08:02:53 +0000

Jens Schmidt <jschmidt4gnu@vodafonemail.de> writes:
> plstore.el stores clear-text sensitive data in a number of places in a
> running emacs without automatically expiring it as, for example,
> password-cache does.

To add to the issue, we had a somewhat similar problem related to
the org-persist library that stores cached data.
https://list.orgmode.org/orgmode/CAM9ALR8fuSu0YWS1SehRw7sYxprJFX-r2juXd_DgvCYVKQc95Q@mail.gmail.com/

Within that thread, a concern has been raised about storing data
related to files from an encrypted file system. Even the file names (for
example, stored by recentf) from an encrypted FS may be considered
sensitive if they are stored as plain text.

I have considered two approaches there:
1. Expiry, when the data may persist within Emacs session, but is never
written on disk.
2. Encrypting the stored data (similar to .authinfo.gpg)
> 1. As usually, fixing these decreases convenience. Is that OK?
IMHO, at least some people are extremely sensitive about storing
sensitive data in plain text. I'd say that it is better to avoid storing
sensitive data in plain text by default. Possibly, with a toggle to
enable such risky storage for users who know what they are doing.
--
Ihor Radchenko // yantar92,
Org mode contributor,
Learn more about Org mode at <https://orgmode.org/>.
Support Org development at <https://liberapay.com/org-mode>,
or support my work at <https://liberapay.com/yantar92>
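
Approach 1 from the message above (expiry, with the data held only inside the Emacs session and never written to disk), as an added Emacs Lisp example that is not part of the original message and is not code from plstore.el, org-persist or password-cache. Every `my-secret-` name and the 16-second default are assumptions made for the illustration.

```elisp
;;; -*- lexical-binding: t; -*-
;; Added illustration: an in-memory secret cache whose entries expire.
;; All `my-secret-' names are hypothetical, not an existing Emacs API.

(defvar my-secret-expiry 16
  "Seconds a cached secret stays in memory; nil disables expiry.
The value 16 is an assumed default for this example.")

(defvar my-secret--table (make-hash-table :test #'equal)
  "Map KEY -> (SECRET . TIMER).  Held in memory only, never saved.")

(defun my-secret-forget (key)
  "Drop KEY from the cache, overwriting the cached string first."
  (let ((entry (gethash key my-secret--table)))
    (when entry
      ;; Cancel a pending expiry so it cannot fire on a later entry.
      (when (timerp (cdr entry)) (cancel-timer (cdr entry)))
      ;; `clear-string' zero-fills the cached copy in place.
      (when (stringp (car entry)) (clear-string (car entry)))
      (remhash key my-secret--table))))

(defun my-secret-put (key secret)
  "Cache a private copy of SECRET under KEY and schedule its expiry."
  (my-secret-forget key)                ; wipe any previous value
  (puthash key
           (cons (copy-sequence secret)
                 (and my-secret-expiry
                      (run-at-time my-secret-expiry nil
                                   #'my-secret-forget key)))
           my-secret--table))

(defun my-secret-get (key)
  "Return a fresh copy of the secret for KEY, or nil once expired.
The caller owns the copy and should `clear-string' it after use."
  (let ((entry (gethash key my-secret--table)))
    (and entry (copy-sequence (car entry)))))

(defun my-secret-forget-all ()
  "Wipe every cached secret, for example from `kill-emacs-hook'."
  ;; Iterate over a copy because `my-secret-forget' mutates the table.
  (maphash (lambda (key _value) (my-secret-forget key))
           (copy-hash-table my-secret--table)))
```

Only the cache's own copy is overwritten on expiry; copies that callers or Emacs itself make elsewhere in memory are not covered, so this narrows the exposure window rather than closing it.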