Pinentry: secure memory

Neal H. Walfield neal at
Sun Jul 26 19:40:33 CEST 2015


At Mon, 20 Jul 2015 13:11:50 +0200,
Werner Koch wrote:
> On Mon,  6 Jul 2015 21:48, dkg at said:
> > Is swap the only reason to use the secure memory?  Defending against
> Yes, for Pinentry because there is only single confidential data object
> to protect and we know the places were we may want to wipe it.  For
> GnuPG this is more complicated because the secure memory area is also
> used to automatically wipe malloc-ed memory before a free.
> > So I'm not convinced the tradeoff for secure memory is worthwhile.  If
> > you're relying on graphical toolkits, you end up relying on the toolkits
> > to do the right thing anyway.
> Looks to me that we have a rough consensus to do away with secure memory
> in Pinentry.

I've implemented and pushed this for the gtk2 widget.  See commit

:) Neal

More information about the Gnupg-devel mailing list