From mboxrd@z Thu Jan  1 00:00:00 1970
From: Bastien <bzg@altern.org>
Subject: Re: org-crypt.el security problem (From: Milan Zamazal)
Date: Sun, 06 Mar 2011 18:54:53 +0100
Message-ID: <87wrkcnngy.fsf@gnu.org>
References: <m27hce7wn3.fsf@pmade.com>
	<87bp1quc7q.fsf@keller.adm.naquadah.org> <874o7glg8q.fsf@gnu.org>
	<871v2kseyh.fsf@keller.adm.naquadah.org>
Mime-Version: 1.0
Content-Type: text/plain
Return-path: <emacs-orgmode-bounces+geo-emacs-orgmode=m.gmane.org@gnu.org>
Received: from [140.186.70.92] (port=45919 helo=eggs.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1PwIAj-0003ON-Lc
	for emacs-orgmode@gnu.org; Sun, 06 Mar 2011 12:55:14 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <bastienguerry@googlemail.com>) id 1PwIAg-0000iZ-Mh
	for emacs-orgmode@gnu.org; Sun, 06 Mar 2011 12:55:13 -0500
Received: from mail-wy0-f169.google.com ([74.125.82.169]:37017)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <bastienguerry@googlemail.com>) id 1PwIAg-0000i5-Ez
	for emacs-orgmode@gnu.org; Sun, 06 Mar 2011 12:55:10 -0500
Received: by wyi11 with SMTP id 11so4115241wyi.0
	for <emacs-orgmode@gnu.org>; Sun, 06 Mar 2011 09:55:09 -0800 (PST)
In-Reply-To: <871v2kseyh.fsf@keller.adm.naquadah.org> (Julien Danjou's message
	of "Sun, 06 Mar 2011 11:47:34 +0100")
List-Id: "General discussions about Org-mode." <emacs-orgmode.gnu.org>
List-Unsubscribe: <http://lists.gnu.org/mailman/listinfo/emacs-orgmode>,
	<mailto:emacs-orgmode-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-orgmode>
List-Post: <mailto:emacs-orgmode@gnu.org>
List-Help: <mailto:emacs-orgmode-request@gnu.org?subject=help>
List-Subscribe: <http://lists.gnu.org/mailman/listinfo/emacs-orgmode>,
	<mailto:emacs-orgmode-request@gnu.org?subject=subscribe>
Sender: emacs-orgmode-bounces+geo-emacs-orgmode=m.gmane.org@gnu.org
Errors-To: emacs-orgmode-bounces+geo-emacs-orgmode=m.gmane.org@gnu.org
To: emacs-orgmode@gnu.org

Hi Julien,

Julien Danjou <julien@danjou.info> writes:

> What I can also suggest is to never show the encrypted block in the Org
> buffer.

I agree this would be better.

> This is what I do in my configuration: on Org file loading, I decrypt
> all entries. Therefore I never see the GPG block. When I save,
> everything is encrypted, written, and then re-decrypted.

Can you share your config?

> Using org-crypt this way, it would be easy to fix auto-save-hook. 

I see: auto-save-hook would encrypt, write to ~/.#file# then decrypt the
original buffer back again -- yes?

> With the current way on letting the user decrypt heading by heading,
> it does not seems that easy. :)

Yep...

-- 
 Bastien