From f8240815ea1e44cf0b16552ed3a3676b2dc85787 Mon Sep 17 00:00:00 2001 From: Daiki Ueno Date: Sun, 31 Dec 2017 05:37:17 +0100 Subject: [PATCH] * etc/NEWS: Add security consideration note on passphrase input --- etc/NEWS | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/etc/NEWS b/etc/NEWS index 692c28a7210..7bd3a4cac4f 100644 --- a/etc/NEWS +++ b/etc/NEWS @@ -1502,6 +1502,15 @@ supported by the upstream project. To adapt to the change, you may need to set 'epa-pinentry-mode' to the symbol 'loopback'. +Note that previously, it was said that passphrase input through +minibuffer would be much less secure than other graphical pinentry +programs. However, these days the difference is insignificant: the +'read-password' function sufficiently protects input from leakage to +message logs. Emacs still doesn't use secure memory to protect +passphrases, but it was also removed from other pinentry programs as +the attack is unrealistic on modern computer systems which don't +utilize swap memory usually. + * Lisp Changes in Emacs 26.1 -- 2.39.2