On Wed, Oct 05, 2005 at 05:55:17AM +0200, Brendan Cully wrote: > Synopsis: mutt stores PGP passphrase insecurely > State-Changed-From-To: open->closed > State-Changed-Why: > Mutt can use gpg-agent, which pushes this problem outside of mutt's domain. Er, well, come on... just because Mutt *can* use an auxiliary program to handle encryption passphrases securely doesn't mean mutt itself should completely ignore the issue. As shipped, mutt is vulnerable. Admittedly this is not a severe issue, but it is a legitimate security concern. I think this really ought to be re-opened. -- Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0xDFBEAD02 -=-=-=-=- This message is posted from an invalid address. Replying to it will result in undeliverable mail. Sorry for the inconvenience. Thank the spammers.
Attachment:
pgpNItXAtleey.pgp
Description: PGP signature