
Re: Mutt & tmp files



On 2001-11-15 19:11 Florian Bantner wrote:

> Hi,
>
> I am recently busy with email-security. I'm using Mutt and GnuPG
> which works great for me. But one point did attract my attention:
>
> When writing a new mail which I intend to encrypt via gpg, mutt
> creates a tmp file (normally under /tmp/.mutt*) which it uses to
> 'communicate' with Vim. This file lasts as long as the vim-session is
> running. Vim then saves the changes to the file and gives execution
> back to Mutt.

To prevent things like this, you could mark the text you want to
encrypt and filter the block through gpg(1) with ascii-armour on. This
way no unencrypted files will be written to disk, of course unless you
save before you have encrypted it. Most editors these days can do this
operation; if your favourite editor doesn't support this, I strongly
encourage you to begin using an editor which does. It is a very nice
feature.

Another thing is... You're a bit concerned that root can read your
mail. Good advice is to never - NEVER place your private (secret) key
on another machine you don't have physical access to or a machine which
is owned by others. Public keys only. Store it on a floppy if you have
to decrypt messages. Make sure the gpg executable is setuid root to
prevent swapping and insecure memory, and make sure there is no daemon
gathering keystrokes.

Regards,
Øyvind

+================== http://www.sunbase.org/sunny ===================+
| OpenPGP: 0xAD19826C 2000-01-24 Øyvind A. Holm <sunny@sunbase.org> |
| Fingerprint: EAE5 DCA0 0626 5DAA 72F8  0435 2E2B E476 AD19 826C   |
+=========== 2 + 2 = 5 for extremely large values of 2. ============+
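
The filter approach described in the reply above, as an added example that is not part of the original message: a wrapper that pipes selected text through gpg with ASCII armour and emits nothing if encryption fails, so plaintext is never handed back as if it were ciphertext. The script name `gpg-filter.sh`, the function name `encrypt_filter` and the recipient are assumptions.

```shell
#!/bin/sh
# Added example (not from the original message): editor filter that turns
# plaintext on stdin into ASCII-armoured OpenPGP on stdout, failing closed.
# Hypothetical usage from Vim, with the text visually selected:
#   :'<,'>!sh gpg-filter.sh alice@example.org
# The script name and the recipient are placeholders.

GPG="${GPG:-gpg}"   # assumption: gpg is on PATH; override for another binary

encrypt_filter() {
    # $1 = recipient (key ID, fingerprint or address known to the keyring)
    if [ -z "${1:-}" ]; then
        echo "usage: encrypt_filter RECIPIENT" >&2
        return 2
    fi
    if ! command -v "$GPG" >/dev/null 2>&1; then
        echo "encrypt_filter: $GPG not found" >&2
        return 127
    fi

    # Plaintext flows stdin -> gpg -> shell variable; this script writes no file.
    # --batch makes gpg fail instead of prompting (e.g. for an untrusted key).
    if ! out=$("$GPG" --batch --armor --encrypt --recipient "$1"); then
        echo "encrypt_filter: gpg failed, nothing emitted" >&2
        return 1
    fi

    # Pass on only output that really is an armoured message.
    case $out in
        "-----BEGIN PGP MESSAGE-----"*)
            printf '%s\n' "$out"
            ;;
        *)
            echo "encrypt_filter: unexpected gpg output, nothing emitted" >&2
            return 1
            ;;
    esac
}

# Run as a filter only when a recipient is given on the command line.
if [ "$#" -gt 0 ]; then
    encrypt_filter "$@"
fi
```

The editor's own swap or backup files are outside this script's control and have to be disabled in the editor's configuration for the message buffer.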
