Re: [Mutt] #580: mutt stores PGP passphrase insecurely
- To: md@xxxxxxxx, arturcz@xxxxxxx, brendan@xxxxxxxxxx, brian@xxxxxxxxxxxxx, invalid@xxxxxxxxxxxxxx, ttakah@xxxxxxxxxxxxxxxxx, roessler@xxxxxxxxxxxxxxxxxx, wk@xxxxxxxxx, antonio@xxxxxxxx, paul@xxxxxxxxxxxxxxx
- Subject: Re: [Mutt] #580: mutt stores PGP passphrase insecurely
- From: Mutt <fleas@xxxxxxxx>
- Date: Sun, 25 Jan 2009 13:55:44 -0000
- Auto-submitted: auto-generated
- Cc: mutt-dev@xxxxxxxx, 96144@xxxxxxxxxxxxxxx
- In-reply-to: <058.5fa77f122be3996dabecb666b4de6ee9@xxxxxxxx>
- List-post: <mailto:mutt-dev@mutt.org>
- List-unsubscribe: send mail to majordomo@mutt.org, body only "unsubscribe mutt-dev"
- Mail-followup-to: fleas@xxxxxxxx
- References: <058.5fa77f122be3996dabecb666b4de6ee9@xxxxxxxx>
- Reply-to: fleas@xxxxxxxx
- Sender: owner-mutt-dev@xxxxxxxx
#580: mutt stores PGP passphrase insecurely
-----------------------------------------+----------------------------------
Reporter: Marco d'Itri <md@xxxxxxxx> | Owner: mutt-dev
Type: defect | Status: reopened
Priority: trivial | Milestone:
Component: mutt | Version:
Resolution: | Keywords:
-----------------------------------------+----------------------------------
Comment(by antonio@xxxxxxxx):
Hi,
with the 2.6 kernels mlock() is available, that will allow a non-root user
to perform what wasn't possible before.
Back in the debian bugtracker a patch was provided for this:
http://bugs.debian.org/cgi-
bin/bugreport.cgi?msg=102;filename=patch-1.5.13.pw.pgpmlock.1;att=1;bug=96144
Do you think that this patch can be included in the next release(s) or do
you prefer to update your doc?
--
Ticket URL: <http://dev.mutt.org/trac/ticket/580#comment:16>
Mutt <http://www.mutt.org/>
The Mutt mail user agent