48618Re: encrypt/decrypt functions for a session
- Dec 3, 2007Matt Wozniski wrote:
>On Dec 3, 2007 2:05 PM, Charles E. Campbell, Jr. wrote:Where's the part where I said I'd store the session pid in some
>>Assuming that I have an encrypt/decrypt function pair, the pid could be
>>used as a single-session p/w that would be transparent to the user. I
>>don't see any point in saving a ftp password but requiring the user to
>>enter some other password to make the ftp password available. Such
>>things as recording the hundredth of a second that vim/gvim started
>>along with the pid would act as an improved session-only password.
>Sure, I understand that you could use it as a key to encrypt the
>password, but what I'm really asking is what you gain from that. Is it
>really more secure to have an encrypted string and its decryption key
>stored in memory than it is to have an unencrypted string in memory?
>Particularly on an open-source project where anyone who wants to can
>view your source code?
variable? Something like getpid() would be called during
encrypt/decrypt, not stored.
You received this message from the "vim_dev" maillist.
For more information, visit http://www.vim.org/maillist.php
- << Previous post in topic Next post in topic >>