[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Decrypt, Edit and Encrypt a File

Hi Sämi,

> Some weeks ago I found on debian-security [1] the following script:
> #!/bin/sh
> gpg keys.gpg > /dev/null
> emacs keys
> rm keys.gpg
> gpg -r "user-ID" -e keys
> rm keys
> What do you guys think is this approach reasonably secure? I like
> the script above because it is rather simple.
Well - the question is of course: What do you understand by "reasonably
secure" ;-) In fact, I see one really weak point in this approach:
Whenever you read / write the file, you create a un-encrypted copy which
is stored on the disk. later, you only delete it by "rm" - you don't
"zero-out" the bytes: The file is no longer accessible by the
filesystem, but there is a high probability that it is possible to
re-create the deleted file by analyzing the free sectors of your file
system (especially, as you create an new unencrypted copy whenever you
start this script).

And of course: while you are reading the file, it is stored unencrypted
on your disk - you shouldn't use this script on a multi-user machine (or
on a machine where automatic backups can happen while you are editting
this file - thus the un-encrypted copy is included into the backup).

A much safer approach (using vim instead of emacs) is e.g described  in 
http://www.debian.org/doc/manuals/reference/ch-gnupg.en.html, 14.4.2:
In this way, the clear-text version is never stored on the hard-disk,
but only kept in memory while you are editing the file.

In addition - it is more comfortable: you just have to open the file in
vim, and it will be automatically decrypted...

I'm sure for emacs exists an analogous approach (if you prefer emacs to



Reply to: