[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Storing sensitive data indefinitely in variables or buffers: Whether
|
From: |
Eli Zaretskii |
|
Subject: |
Re: Storing sensitive data indefinitely in variables or buffers: Whether and how to fix? |
|
Date: |
Wed, 31 May 2023 15:56:48 +0300 |
> Date: Tue, 30 May 2023 23:25:32 +0200
> From: Jens Schmidt <jschmidt4gnu@vodafonemail.de>
>
> plstore.el stores clear-text sensitive data in a number of places in a
> running emacs without automatically expiring it as, for example,
> password-cache does.
>
> 1. As usually, fixing these decreases convenience. Is that OK?
In general, if the inconvenience is significant, it is best to make
the feature opt-in. Even if we do make it ON by default, there should
be a way of getting back old behavior, and that way should be
documented in NEWS.
> 2. Is fixing these considered a bug (relevant for emacs-29) even if it
> involves a bit more effort, possibly even new functions and
> variables?
No, this is not a "bugfix" in terms applicable to the emacs-29 branch.
These changes should go to master.
Thanks.