[git] Pinentry - branch, master, updated. pinentry-1.0.0-26-gebfa54e

by Daiki Ueno cvs at cvs.gnupg.org
Wed Jul 12 21:29:57 CEST 2017 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The standard pinentry collection".

The branch, master has been updated
       via  ebfa54e6044420ae12a090cdef9df7e7b0d961d2 (commit)
      from  e57bcb7a2acff3a61a342d24e6a55407bf736631 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit ebfa54e6044420ae12a090cdef9df7e7b0d961d2
Author: Daiki Ueno <ueno at gnu.org>
Date:   Wed Jul 12 21:28:58 2017 +0200

    doc: Make Emacs frontend description more accurate
    
    * doc/pinentry.texi (Front ends): Remove false assertions on
    insecurity of Emacs, and mention allow-emacs-pinentry option of
    gpg-agent.
    
    Proofread-by: Marcus Brinkmann <mb at g10code.com>
    GnuPG-bug-id: 2034

diff --git a/doc/pinentry.texi b/doc/pinentry.texi
index 23c1c5e..44e2eb1 100644
--- a/doc/pinentry.texi
+++ b/doc/pinentry.texi
@@ -261,14 +261,12 @@ be explicitly disabled by passing @code{--disable-inside-emacs} to
 @code{configure} when building @pinentry{}.
 
 Having Emacs get the passphrase is convenient, however, it is a
-significant security risk.  Emacs keeps all key presses buffered.
-(You can see the recent key presses by typing @code{C-h l}
-(@code{view-lossage}) in emacs.)  Further, Emacs is a huge program,
-which doesn't provide any process isolation to speak of.  As such,
-having it handle the passphrase adds a huge chunk of code to the
-user's trusted computing base.  Because of this concern, Emacs doesn't
-enable this by default (the user has to run @code{(pinentry-start)},
-e.g., from his or her @code{.emacs} file, explicitly).
+significant security risk.  Emacs is a huge program, which doesn't
+provide any process isolation to speak of.  As such, having it handle
+the passphrase adds a huge chunk of code to the user's trusted computing
+base.  Because of this concern, Emacs doesn't enable this by default,
+unless the @code{allow-emacs-pinentry} option is explicitly set in his
+or her @code{.gnupg/gpg-agent.conf} file.
 
 Similar to the inside-emacs check, the @pinentry{} frontends check
 whether the @code{DISPLAY} variable is set and a working X server is

-----------------------------------------------------------------------

Summary of changes:
 doc/pinentry.texi | 14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)


hooks/post-receive
-- 
The standard pinentry collection
http://git.gnupg.org

More information about the Gnupg-commits mailing list