Changeset View
Changeset View
Standalone View
Standalone View
b/doc/pinentry.texi
Context not available. | |||||
@code{configure} when building @pinentry{}. | @code{configure} when building @pinentry{}. | ||||
Having Emacs get the passphrase is convenient, however, it is a | Having Emacs get the passphrase is convenient, however, it is a | ||||
significant security risk. Emacs keeps all key presses buffered. | significant security risk. Emacs is a huge program, which doesn't | ||||
(You can see the recent key presses by typing @code{C-h l} | provide any process isolation to speak of. As such, having it handle | ||||
(@code{view-lossage}) in emacs.) Further, Emacs is a huge program, | the passphrase adds a huge chunk of code to the user's trusted computing | ||||
which doesn't provide any process isolation to speak of. As such, | base. Because of this concern, Emacs doesn't enable this by default, | ||||
having it handle the passphrase adds a huge chunk of code to the | unless the @code{allow-emacs-pinentry} option is explicitly set in his | ||||
user's trusted computing base. Because of this concern, Emacs doesn't | or her @code{.gnupg/gpg-agent.conf} file. | ||||
enable this by default (the user has to run @code{(pinentry-start)}, | |||||
e.g., from his or her @code{.emacs} file, explicitly). | |||||
Similar to the inside-emacs check, the @pinentry{} frontends check | Similar to the inside-emacs check, the @pinentry{} frontends check | ||||
whether the @code{DISPLAY} variable is set and a working X server is | whether the @code{DISPLAY} variable is set and a working X server is | ||||
Context not available. |