On 2001-11-15 19:11 Florian Bantner wrote:

> Hi,
>
> I am recently busy with email-security. I'm using Mutt and GnuPG
> which works great for me. But one point did attract my attention:
>
> When writing a new mail which I intend to encrypt via gpg, mutt
> creates a tmp file (normally under /tmp/.mutt*) which it uses to
> 'communicate' with Vim. This file lasts as long as the vim-session is
> running. Vim then saves the changes to the file and gives execution
> back to Mutt.

To prevent things like this, you could mark the text you want to encrypt and filter the block through gpg(1) with ascii-armour on. This way no unencrypted files will be written to disk, of course unless you save before you have encrypted it. Most editors these days can do this operation; if your favourite editor doesn't support this, I strongly encourage you to begin using an editor which does. It is a very nice feature.

Another thing is... You're a bit concerned that root can read your mail. Good advice is to never - NEVER place your private (secret) key on another machine you don't have physical access to or a machine which is owned by others. Public keys only. Store it on a floppy if you have to decrypt messages. Make sure the gpg executable is setuid root to prevent swapping and insecure memory, and make sure there is no daemon gathering keystrokes.

Regards,
Øyvind

+================== http://www.sunbase.org/sunny ===================+
| OpenPGP: 0xAD19826C 2000-01-24 Øyvind A. Holm <[EMAIL PROTECTED]> |
| Fingerprint: EAE5 DCA0 0626 5DAA 72F8 0435 2E2B E476 AD19 826C |
+=========== 2 + 2 = 5 for extremely large values of 2. ============+
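
The filter approach described in the reply above, as an added example that is not part of the original message: a stdin-to-stdout wrapper around gpg that an editor can pipe a marked block through. The script name `gpgfilter`, the `GPG` override variable and the function name are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example, not from the original post. Editor filter: plaintext on
# stdin, ASCII-armoured ciphertext on stdout; the script writes no file.
# From Vim, with the text selected:   :'<,'>!gpgfilter RECIPIENT
GPG=${GPG:-gpg}   # assumption: gpg is on PATH unless GPG is overridden

gpg_filter() {
    local recipient=$1 plain cipher
    if [ -z "$recipient" ]; then
        echo "usage: gpgfilter RECIPIENT" >&2
        cat             # pass the text through untouched
        return 64
    fi
    # Hold the selection in a shell variable (memory only).
    plain=$(cat)
    # printf is a shell builtin, so the plaintext never shows up in a
    # process argument list. A pipe is used instead of a here-string or
    # here-document, which bash may back with a temporary file.
    if cipher=$(printf '%s\n' "$plain" |
                "$GPG" --batch --armor --encrypt --recipient "$recipient"); then
        printf '%s\n' "$cipher"
    else
        # Encryption failed (unknown or untrusted key, ...): hand back the
        # original text so the editor does not replace it with nothing.
        printf '%s\n' "$plain"
        return 1
    fi
}

# Run as a filter only when installed under the (hypothetical) name gpgfilter.
case ${0##*/} in
    gpgfilter) gpg_filter "$@" ;;
esac
```

The wrapper only controls what it writes itself; the editor's own swap and backup files for the unencrypted buffer are a separate editor setting.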