Re: Storing sensitive data indefinitely in variables or buffers: Whether and how to fix?

[Ihor Radchenko]

Jens Schmidt <jschmidt4gnu@vodafonemail.de> writes:

> On 2023-05-31  18:39, Adam Porter wrote:
>
>> I think Emacs needs a new library to store Lisp data securely. 
>> Ideally the API would simply return a Lisp object which could be
>> used with common functions like alist-get, gethash, etc. to read
>> data. For writing, perhaps some kind of simple macro or function
>> wrapper that would store the data securely, as-configured, without
>> the application needing to know the details.
>
> Er, that's what I thought plstore.el is about: Persisting sensitive and 
> non-sensitive data in a structured way, securely, with on-demand 
> decryption.  It certainly has rough edges, and almost no UI at all, but 
> I liked the basic idea.

AFAIK, Adam had a very hard time dealing with auth-source.el. See the
reddit link in his message.

AFAIR, part of the problem was (1) poor documentation; (2) various edge
cases that had to be considered; (3) complex code required to make
things work. So, here he is asking for a _simple_ API that does not
require too much of tinkering with the internals. If such API is added
to plstore, it will certainly be great.

-- 
Ihor Radchenko // yantar92,
Org mode contributor,
Learn more about Org mode at <https://orgmode.org/>.
Support Org development at <https://liberapay.com/org-mode>,
or support my work at <https://liberapay.com/yantar92>