From: Daiki Ueno Date: Sun, 31 Dec 2017 04:37:17 +0000 (+0100) Subject: * etc/NEWS: Add security consideration note on passphrase input X-Git-Tag: emacs-26.0.91~57 X-Git-Url: http://git.eshelyaron.com/gitweb/?a=commitdiff_plain;h=f8240815ea1e44cf0b16552ed3a3676b2dc85787;p=emacs.git * etc/NEWS: Add security consideration note on passphrase input --- diff --git a/etc/NEWS b/etc/NEWS index 692c28a7210..7bd3a4cac4f 100644 --- a/etc/NEWS +++ b/etc/NEWS @@ -1502,6 +1502,15 @@ supported by the upstream project. To adapt to the change, you may need to set 'epa-pinentry-mode' to the symbol 'loopback'. +Note that previously, it was said that passphrase input through +minibuffer would be much less secure than other graphical pinentry +programs. However, these days the difference is insignificant: the +'read-password' function sufficiently protects input from leakage to +message logs. Emacs still doesn't use secure memory to protect +passphrases, but it was also removed from other pinentry programs as +the attack is unrealistic on modern computer systems which don't +utilize swap memory usually. + * Lisp Changes in Emacs 26.1
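Review bot: the last sentence of the added paragraph justifies the lack of secure memory with "modern computer systems which don't utilize swap memory usually", but the entry gives no guidance for readers whose systems do have swap enabled. Since this is a security note in NEWS, consider adding a clause that says what such users should do or expect, rather than leaving the claim as a blanket statement. In the same sentence, "it was also removed from other pinentry programs" has an unclear antecedent. Wording like "the use of secure memory was also removed from other pinentry programs" would make it clear what was removed. Two smaller wording points: "through minibuffer" should read "through the minibuffer", and "don't utilize swap memory usually" reads better as "usually don't use swap".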