Sunday, September 25, 2016

Re: Strength of builtin blowfish2 encryption?

On 2016-09-25 13:15, Shawn H Corey wrote:
>> > I wonder how string the builtin encryption of vim really is.
>>
>> Encryption really isn't the business of a text editor. Decrypt the
>> cipher-text, feed it to the editor, encrypt when saving, and be
>> sure to delete any temporary/backup files.
>
> It is the business of an editor when it stores temporary files.
> Those too have to be encrypted or it's all wasted effort.

swap/temporary files should be encrypted *or not used*. I believe
one of the GPG plugins I tried disabled a number options such as the
swap file, undo history, and persisting of registers in .viminfo so
it would read the encrypted file in, disable all the settings, pass
it through GPG to decrypt it, allow viewing/editing, then encrypt
upon writing. There's still the possibility of the OS swapping the
memory out to an unencrypted swap space, but that's an OS thing (on
OpenBSD, the swap is encrypted by default; on other OSes, you might
have to jump through some hoops).

-tim



--
--
You received this message from the "vim_use" maillist.
Do not top-post! Type your reply below the text you are replying to.
For more information, visit http://www.vim.org/maillist.php

---
You received this message because you are subscribed to the Google Groups "vim_use" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vim_use+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

No comments: