[PATCH] Add inside-Emacs mode to GUI pinentry programs

Daiki Ueno ueno at gnu.org
Tue Jun 9 07:43:18 CEST 2015

Daniel Kahn Gillmor <dkg at fifthhorseman.net> writes:

> On Mon 2015-06-08 23:40:36 -0400, Daiki Ueno wrote:
>> That's a valid concern.  Actually, I too am unlikely to use the Emacs
>> pinentry regularly for security reasons, while users are really eager
>> for the enter-passphrase-from-the-minibuffer feature.
> Which users are demanding this?  In what contexts?  How have the options
> and tradeoffs been presented to them?

I don't want to repeat the discussions here, sorry.  If you are really
interested, you can search on the Emacs bug tracker and the emacs-devel
mailing list.

> Understanding the goals and use cases for this potentially-risky
> feature seems like an important step, particularly if the folks
> developing it don't want to use it themselves.

I merely meant that I generally prefer to do crypto operations outside
of Emacs, as Emacs is inherently insecure (e.g., the read-passwd
function could be replaced at run-time, by an external package).
Nevertheless, the pinentry-emacs mechanism should be reasonably secure
for the typical use-cases.

>> option to pinentry.conf, e.g., {no-,}allow-emacs-pinentry.
>> I will try to add it in the new patch.
> thanks, this is an interesting option.

I'm now turning the option off by default.

Daiki Ueno

More information about the Gnupg-devel mailing list