[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Decrypt, Edit and Encrypt a File



Hi Sämi,

> Some weeks ago I found on debian-security [1] the following script:
>
> #!/bin/sh
> gpg keys.gpg > /dev/null
> emacs keys
> rm keys.gpg
> gpg -r "user-ID" -e keys
> rm keys
>
> What do you guys think is this approach reasonably secure? I like
> the script above because it is rather simple.
Well - the question is of course: What do you understand by "reasonably
secure" ;-) In fact, I see one really weak point in this approach:
Whenever you read / write the file, you create a un-encrypted copy which
is stored on the disk. later, you only delete it by "rm" - you don't
"zero-out" the bytes: The file is no longer accessible by the
filesystem, but there is a high probability that it is possible to
re-create the deleted file by analyzing the free sectors of your file
system (especially, as you create an new unencrypted copy whenever you
start this script).

And of course: while you are reading the file, it is stored unencrypted
on your disk - you shouldn't use this script on a multi-user machine (or
on a machine where automatic backups can happen while you are editting
this file - thus the un-encrypted copy is included into the backup).

A much safer approach (using vim instead of emacs) is e.g described  in 
http://www.debian.org/doc/manuals/reference/ch-gnupg.en.html, 14.4.2:
In this way, the clear-text version is never stored on the hard-disk,
but only kept in memory while you are editing the file.

In addition - it is more comfortable: you just have to open the file in
vim, and it will be automatically decrypted...

I'm sure for emacs exists an analogous approach (if you prefer emacs to
vim)


HTH,

Axel


Reply to: