-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2015-07-27 16:27, Anton Aylward wrote:
What matters is that the clear text password is not on disk.
*sigh* if you log out each day (at least) and shut down (each day at least)[1] so that the window is small then not having the clear text in persistent storage at least limits the modes of attack.
Well, the PGP password is cached for a long time. It can be for the entire session, which can last weeks. And on some desktops, it is only protected by the user password. Recently GPG pops a big warning about being hijacked by some other desktop service, and refusing to run, I think. My script could easily remove the tmp file on exit, or do it later via an "at" job. - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlW2RSIACgkQja8UbcUWM1ztQgD/cOqNHTl7MlxrhqzilU5kl18O wRTS9+Nm6vzTUlH8VWQBAIhafyi+PtLotyEuD1tQulY7nacd5wLK9WsKMtocpqKo =xjzH -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org