Hi folks, Alfredo Pironti, CCd, has written me to point out two issues in pass. The first is that he believes gpg compression might reveal information relating to the entropy of the enclosed password. Commit 51f9b6888 fixes this.
The second is something I've known about and considered for a long time, which is that an attacker can swap out a gpg'd password with a different one, or rename and/or delete passwords, because we only encrypt but do not sign incoming passwords or filesystem information. Apparently this is a big enough deal that a LaTeXified paper is being submitted to a conference about it. The response toward this which I'm leaning is that folks who desire tamper-proof password stores should use the "gpg-sign" option of git-commit, along with hooks for verification. Thoughts? Jason _______________________________________________ Password-Store mailing list [email protected] http://lists.zx2c4.com/mailman/listinfo/password-store
