Hi, I am recently busy with email-security. I'm using Mutt and GnuPG which works greate for me. But one point did attract my attention: When writing a new mail which I intend to encrypt via gpg, mutt creates a tmp file (normaly unter /tmp/.mutt*) which it uses to 'comunicate' with Vim. This file lasts as long the vim-session is running. Vim then saves the changes to the file and gives execution back to Mutt. What I don't like is: First the tmp file is readable by root. I do know that there are other ways for root so that he can access the mail-content, but simply reading files seems a little bit to easy. Second and more important: When a file is created on disk it occupies physikal space on the disk. When its deleted again, the space is in no way 'cleaned', but stays on the disk until it is accidentaly overwritten. Even than you can recreate it. Everyone with access to the disk can therefore (in the worst case) read any mail which was ever written by any user of that system - either he/she encrypted it or not. It's not hard to imagine situations where this is bad. But what to do against? Thanks, Florian Bantner -- »« »« »« »« »« »« »« »« »« »« »« »« »« »« »« AXON-E Interaktive Medien Arnulfsplatz 6 93047 Regensburg . Tel. 0941 - 599 854 4 Fax. 0941 - 599 854 1 Mail f.bantner@axon-e.de Key http://www.axon-e.de/gpg/f.bantner.key »« »« »« »« »« »« »« »« »« »« »« »« »« »« »«
Attachment:
pgpY2lyzOQy6C.pgp
Description: PGP signature