From: Ihor Radchenko <yantar92@posteo.net>
To: Daniel Clemente <n142857@gmail.com>
Cc: Eli Zaretskii <eliz@gnu.org>, emacs-orgmode@gnu.org
Subject: org-crypt leaking data when encryption password is not entered twice (was: Please document the caching and its user options)
Date: Wed, 26 Jun 2024 13:21:21 +0000 [thread overview]
Message-ID: <87msn7kffy.fsf@localhost> (raw)
In-Reply-To: <CAJKAhPAjcy3WwbR_yiXCddS9xn6rsOeea7r94TsNQ7NNLofs2A@mail.gmail.com>
Daniel Clemente <n142857@gmail.com> writes:
> Sometimes org-crypt fails to reencrypt the data. E.g. if Emacs
> crashes, or if you fail to type the same password twice, or of course
> if you don't use (org-crypt-use-before-save-magic), etc.
I do not think that there is anything left on disk if Emacs crashes.
As for not typing the same password twice and not using
org-crypt-use-before-save-magic, we should somehow fix this.
(I am starting a new thread branch.)
One simple idea is to disable backups if encryption fails.
Or use `write-contents-functions' instead of `before-save-hook' - that
way, Emacs will not ignore errors thrown by org-crypt and will not
actually save anything if encryption fails.
> At the end of the day when I do "git diff" + "git commit" sometimes I
> realize there's unencrypted data and then I have to reencrypt it. In
> the meantime I might have killed and reopened the buffer, thus
> updating the file cache.
> That may be a problem by org-encrypt and something to document in
> org-crypt itself. The point is that users of org-encrypt should take
> extra precautions when enabling org-element-cache-persistent. Like:
> not closing buffers while the sections are unencrypted.
These things should be considered bugs. And we should fix them. Cache and
other libraries should not be responsible for special treatment of
optional org-crypt library.
--
Ihor Radchenko // yantar92,
Org mode contributor,
Learn more about Org mode at <https://orgmode.org/>.
Support Org development at <https://liberapay.com/org-mode>,
or support my work at <https://liberapay.com/yantar92>
next prev parent reply other threads:[~2024-06-26 13:20 UTC|newest]
Thread overview: 63+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-12 9:38 Please document the caching and its user options Eli Zaretskii
2024-06-14 13:12 ` Ihor Radchenko
2024-06-14 13:41 ` Eli Zaretskii
2024-06-14 15:31 ` Ihor Radchenko
2024-06-14 15:56 ` Eli Zaretskii
2024-06-15 12:47 ` Ihor Radchenko
2024-06-15 13:01 ` Eli Zaretskii
2024-06-15 14:13 ` Ihor Radchenko
2024-06-15 14:37 ` Eli Zaretskii
2024-06-16 9:05 ` Ihor Radchenko
2024-06-16 10:41 ` Eli Zaretskii
2024-06-23 9:12 ` Björn Bidar
2024-06-15 13:47 ` Ihor Radchenko
2024-06-14 13:56 ` Jens Lechtenboerger
2024-06-14 14:31 ` Publishing cache (was: Please document the caching and its user options) Ihor Radchenko
2024-08-12 7:55 ` Proposal: Change publication timestamps (was: Publishing cache) Jens Lechtenboerger
2024-08-15 18:29 ` Ihor Radchenko
2024-08-25 17:00 ` Proposal: Change publication timestamps Jens Lechtenboerger
2024-09-15 12:02 ` Jens Lechtenboerger
2024-09-17 18:33 ` Ihor Radchenko
2024-06-16 5:40 ` Please document the caching and its user options Daniel Clemente
2024-06-16 12:36 ` Ihor Radchenko
2024-06-17 12:41 ` Daniel Clemente
2024-06-18 15:53 ` Ihor Radchenko
2024-06-18 16:15 ` Eli Zaretskii
2024-06-18 16:25 ` Ihor Radchenko
2024-06-18 16:33 ` Eli Zaretskii
2024-06-18 16:55 ` Ihor Radchenko
2024-06-19 9:27 ` Colin Baxter
2024-06-19 10:35 ` Ihor Radchenko
2024-06-19 13:04 ` Eli Zaretskii
2024-06-19 13:30 ` Ihor Radchenko
2024-06-19 16:07 ` Colin Baxter
2024-06-19 16:15 ` Ihor Radchenko
2024-06-18 22:06 ` Rudolf Adamkovič
2024-06-19 4:29 ` tomas
2024-06-23 11:45 ` Daniel Clemente
2024-06-24 10:36 ` Ihor Radchenko
2024-06-26 12:59 ` Daniel Clemente
2024-06-26 13:21 ` Ihor Radchenko [this message]
2024-06-27 8:55 ` org-crypt leaking data when encryption password is not entered twice (was: Please document the caching and its user options) Daniel Clemente
2024-06-27 10:15 ` org-encrypt-entries is slow (was: org-crypt leaking data when encryption password is not entered twice (was: Please document the caching and its user options)) Ihor Radchenko
2024-07-02 16:54 ` Daniel Clemente
2024-07-02 19:16 ` Ihor Radchenko
2024-07-04 10:36 ` Daniel Clemente
2024-07-06 13:02 ` Ihor Radchenko
2024-07-10 13:09 ` Daniel Clemente
2024-07-11 10:40 ` Ihor Radchenko
2024-07-15 17:00 ` Daniel Clemente
2024-07-20 14:14 ` Ihor Radchenko
2024-07-24 13:47 ` Daniel Clemente
2024-07-25 7:31 ` Ihor Radchenko
2024-07-25 14:08 ` Daniel Clemente
2024-07-25 14:15 ` Ihor Radchenko
2024-10-05 18:56 ` Daniel Clemente
2024-10-20 12:57 ` Ihor Radchenko
2024-06-27 10:34 ` org-crypt leaking data when encryption password is not entered twice (was: Please document the caching and its user options) Ihor Radchenko
2024-07-02 16:53 ` Daniel Clemente
2024-06-27 9:27 ` Please document the caching and its user options Eli Zaretskii
2024-06-27 10:11 ` Ihor Radchenko
2024-06-27 10:30 ` Eli Zaretskii
2024-06-28 12:54 ` Rudolf Adamkovič
2024-06-28 15:31 ` Ihor Radchenko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.orgmode.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87msn7kffy.fsf@localhost \
--to=yantar92@posteo.net \
--cc=eliz@gnu.org \
--cc=emacs-orgmode@gnu.org \
--cc=n142857@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).