GNU bug report logs -
#19991
24.3; insecure design or else bug: gpg passphrase persists when emacs is closed and re-opened
Previous Next
Reported by: Ed Green <eug2 <at> psu.edu>
Date: Tue, 3 Mar 2015 17:20:01 UTC
Severity: normal
Tags: notabug
Found in version 24.3
Done: Glenn Morris <rgm <at> gnu.org>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
Ed Green <eug2 <at> psu.edu> writes:
Hi Ed,
> I opened emacs24 in xubuntu 14.04 with command "emacs&". In dired, I
> opened a gpg-encrypted file. I was prompted to supply my passphrase,
> after which the unencrypted text was displayed. I did not click the
> box labelled "Automatically unlock this key, whenever I'm logged in".
>
> Next, I closed emacs by clicking the 'x' in the corner of the window. I
> opened emacs in a new process with "emacs&". Again in dired, I opened a
> different gpg-encrypted file. The unencrypted text was immediately
> displayed, without my being prompted for a passphrase.
I guess that's not related to Emacs but instead the GPG Agent cached the
passphrase, and the second file you opened was encrypted with the same
public key as the former file. By default, the GPG Agent caches
passphrases for two hours:
,----[ (info "(gnupg)Agent Options") ]
| '--max-cache-ttl N'
| Set the maximum time a cache entry is valid to N seconds. After
| this time a cache entry will be expired even if it has been
| accessed recently or has been set using 'gpg-preset-passphrase'.
| The default is 2 hours (7200 seconds).
`----
Bye,
Tassilo
This bug report was last modified 10 years and 85 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.