On Dec 5, 2007 1:21 AM, thomas wrote:
Thank you, Ben! That's exactly what I meant.
For this, keeping a variable in a script-local function would suffice
-- I personally haven't found a way yet to access a s:var.
...
Also, you will most likely have to define functions that decrypt the
and there is no way to protect against #3: Someone with access
to your core file can access the encryption key (even if it's vim's
start time, vim has to be storing that somewhere to give it to you)
Not necessarily. If it can be got by a system call when it is needed and then
popped off the
On Dec 3, 2007 4:59 PM, Charles E. Campbell, Jr. wrote:
Matt Wozniski wrote:
On Dec 3, 2007 2:05 PM, Charles E. Campbell, Jr. wrote:
Assuming that I have an encrypt/decrypt function pair, the pid could be
used as a single-session p/w that would be transparent to the user. I
don't see
My point was that a would-be cracker would have access to both the
encryption key and the encrypted text. Using the pid as the key is
not made more secure by not storing it, since that cracker would also
have access to the hypothetical getpid() function; it just saves him
the trouble of
Thank you, Ben! That's exactly what I meant.
For this, keeping a variable in a script-local function would suffice
--
I personally haven't found a way yet to access a s:var. (If you know
of
a vim-only solution, please tell me.) Although rot13 is of course is
no
encryption/obfuscation at all,
On 02/12/2007, Yakov Lerner [EMAIL PROTECTED] wrote:
Maybe a patch to add getpid() function to vimscript is
not bad idea ? Even without relation to Charles ciphering troubles.
I second Yakov's idea.
--
Registered Linux User #445632
http://counter.li.org
On 03/12/2007, Matt Wozniski [EMAIL PROTECTED] wrote:
3. This entire discussion seems to basically be a moot point since
any cracker worth his salt would just be sniffing the network...
FTP transmits passwords in plaintext; security in how netrw
handles the passwords seems to be
since the cracker will only need to
get two values from vim's memory instead of one. Am I missing
something?
This assumes an attack that is specifically targeted at an individual
vim user using a specific version of the netrw plugin. This isn't the
most likely scenario though. (Depending on
Matt Wozniski wrote:
Fixing that to use a script-local variable would definitely be
a worthwhile change that should be made ASAP, though it still wouldn't
protect you from plaintext passwords being in your core files.
Yes, I've done that for v116g.
While we're at it, what is a reasonable
On Dec 3, 2007 2:05 PM, Charles E. Campbell, Jr. wrote:
Matt Wozniski wrote:
Fixing that to use a script-local variable would definitely be
a worthwhile change that should be made ASAP, though it still wouldn't
protect you from plaintext passwords being in your core files.
Yes, I've done
Matt Wozniski wrote:
On Dec 3, 2007 2:05 PM, Charles E. Campbell, Jr. wrote:
Assuming that I have an encrypt/decrypt function pair, the pid could be
used as a single-session p/w that would be transparent to the user. I
don't see any point in saving a ftp password but requiring the user to
That's good unless your /proc/sys/kernel/core_pattern contains %p, or
/proc/sys/kernel/core_uses_pid == 1
On 03/12/2007, Charles E. Campbell, Jr. [EMAIL PROTECTED] wrote:
Matt Wozniski wrote:
On Dec 3, 2007 2:05 PM, Charles E. Campbell, Jr. wrote:
Assuming that I have an encrypt/decrypt
Charles E. Campbell, Jr. wrote:
Matt Wozniski wrote:
Fixing that to use a script-local variable would definitely be
a worthwhile change that should be made ASAP, though it still wouldn't
protect you from plaintext passwords being in your core files.
Yes, I've done that for v116g.
Charles E Campbell wrote:
Any good way to get
the vim process's pid? How about under Windows?
Maybe a patch to add getpid() function to vimscript is
not bad idea ? Even without relation to Charles ciphering troubles.
Can this be added to the todo ?
Yakov
On Nov 29, 2007 12:23 AM, Charles E Campbell Jr
[EMAIL PROTECTED] wrote:
Hello!
I don't see any way to encrypt/decrypt strings in the vim function
library, but there is a way to encrypt a file buffer. Netrw tries to
make use of ftp, etc and its associated passwords simpler by retaining
thomas wrote:
However, I suspect that there's no way to get vim to feed the
p-r-b-password to the builtin encryption/decryption facilities.
I thought the :X command does little more than setting the key option?
At least from running some (i.e. two) tests, I'd say that you could
also
Tony Mechelynck wrote:
Yakov Lerner wrote:
On Nov 29, 2007 12:23 AM, Charles E Campbell Jr
[EMAIL PROTECTED] wrote:
Hello!
I don't see any way to encrypt/decrypt strings in the vim function
library, but there is a way to encrypt a file buffer. Netrw tries to
make use of ftp, etc and
17 matches
Mail list logo