Peter Lebbing wrote:
> Alessandro Vesely talked about snooping in the memory space of the process.
> Yes, if your computer is compromised, all activity at that moment is also
> compromised. The thing with swapspace though, is that the plaintext remains
> on disk long after you've edited the file!

Aha! Forcing oblivion for that text is a good point. The swap probably also
includes any buffer used by the windowing system and the like. A system trace
of any write access to the disk would provide a comprehensive list, including
any "plaintext~" or similar stuff, independently of the editor used. If you
are not too paranoid, a simple wrapper, a la strace, that only looks for write
access by the editor and possible forks thereof, might suffice.

I'd bet some tool like that exists already, but have no pointer at hand.



_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
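
A sketch of the strace-style wrapper idea from the message above, added here as an example and not part of the original post: it reads the output of `strace -f` and lists every file the editor or any of its forks successfully opened for writing or renamed into place. The editor name, file names and sample trace lines are constructed for illustration, and only files show up this way, not swap.

```python
import re

# The trace would come from (editor and file names are placeholders):
#   strace -f -o trace.log -e trace=open,openat,creat,rename vi secret.txt
# -f follows forks; with -o, every line starts with the PID that made the call.
# Calls that strace splits into "<unfinished ...>"/"resumed" pairs are ignored.
PATH = r'"(?P<path>(?:[^"\\]|\\.)*)"'
OPEN_RE = re.compile(
    r'^(?P<pid>\d+)\s+(?P<call>open|openat|creat)\((?:AT_FDCWD, |\d+, )?' + PATH +
    r'(?:, (?P<flags>[A-Z_|0-9]+))?.*\)\s+= (?P<ret>-?\d+)')
RENAME_RE = re.compile(r'^(?P<pid>\d+)\s+rename\(.*, ' + PATH + r'\)\s+= 0')
WRITE_FLAGS = {"O_WRONLY", "O_RDWR"}

def written_paths(trace_text):
    """Return sorted (path, [pids]) for files opened for writing or renamed to."""
    hits = {}
    for line in trace_text.splitlines():
        m = OPEN_RE.match(line)
        if m:
            if int(m["ret"]) < 0:
                continue  # the open failed, nothing reached the disk
            flags = (m["flags"] or "").split("|")
            if m["call"] != "creat" and not WRITE_FLAGS.intersection(flags):
                continue  # read-only open
        else:
            m = RENAME_RE.match(line)  # catches backups such as "plaintext~"
            if not m:
                continue
        hits.setdefault(m["path"], set()).add(int(m["pid"]))
    return sorted((path, sorted(pids)) for path, pids in hits.items())

# Constructed sample trace: PID 4100 is the editor, 4107 a helper it forked.
SAMPLE = '''\
4100  openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
4100  openat(AT_FDCWD, "/home/u/secret.txt", O_RDONLY) = 3
4100  openat(AT_FDCWD, "/home/u/.secret.txt.swp", O_RDWR|O_CREAT|O_EXCL, 0600) = 4
4100  openat(AT_FDCWD, "/root/x", O_WRONLY|O_CREAT, 0600) = -1 EACCES (Permission denied)
4107  openat(AT_FDCWD, "/tmp/fmt.4107", O_WRONLY|O_CREAT|O_TRUNC, 0600) = 3
4100  rename("/home/u/secret.txt", "/home/u/secret.txt~") = 0
4100  openat(AT_FDCWD, "/home/u/secret.txt", O_WRONLY|O_CREAT|O_TRUNC, 0644) = 3
'''

if __name__ == "__main__":
    for path, pids in written_paths(SAMPLE):
        print(path, pids)
```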