diff options
| author | Daiki Ueno | 2017-12-31 05:37:17 +0100 |
|---|---|---|
| committer | Daiki Ueno | 2017-12-31 05:37:17 +0100 |
| commit | f8240815ea1e44cf0b16552ed3a3676b2dc85787 (patch) | |
| tree | a5f041ad8d40c93a06f033246c85bfa94428e3b4 | |
| parent | 0c78822c701533a94b010a043bcb049dd594bb93 (diff) | |
| download | emacs-f8240815ea1e44cf0b16552ed3a3676b2dc85787.tar.gz emacs-f8240815ea1e44cf0b16552ed3a3676b2dc85787.zip | |
* etc/NEWS: Add security consideration note on passphrase input
| -rw-r--r-- | etc/NEWS | 9 |
1 files changed, 9 insertions, 0 deletions
| @@ -1502,6 +1502,15 @@ supported by the upstream project. | |||
| 1502 | To adapt to the change, you may need to set 'epa-pinentry-mode' to the | 1502 | To adapt to the change, you may need to set 'epa-pinentry-mode' to the |
| 1503 | symbol 'loopback'. | 1503 | symbol 'loopback'. |
| 1504 | 1504 | ||
| 1505 | Note that previously, it was said that passphrase input through | ||
| 1506 | minibuffer would be much less secure than other graphical pinentry | ||
| 1507 | programs. However, these days the difference is insignificant: the | ||
| 1508 | 'read-password' function sufficiently protects input from leakage to | ||
| 1509 | message logs. Emacs still doesn't use secure memory to protect | ||
| 1510 | passphrases, but it was also removed from other pinentry programs as | ||
| 1511 | the attack is unrealistic on modern computer systems which don't | ||
| 1512 | utilize swap memory usually. | ||
| 1513 | |||
| 1505 | 1514 | ||
| 1506 | * Lisp Changes in Emacs 26.1 | 1515 | * Lisp Changes in Emacs 26.1 |
| 1507 | 1516 | ||