Pine Privacy Guard: Frequently Asked Questions


How does pinepg remember my passphrase?

Answer: Pine has a convenient security feature built into it. Every time Pine is started, it generates a random integer and remembers it for the duration of the session, until Pine is exited. This integer is passed to pinepg, which uses it as a symmetric encryption key. For purposes of this discussion, call this key PineKey. When a user types in their passphrase, pinepg uses the PineKey to encrypt the passphrase, then saves the encrypted passphrase to disk. When the passphrase is needed again during the same session, such as when a subsequent email is to be decrypted, pinepg retrieves the encrypted passphrase and uses PineKey again to decrypt it. When the Pine session is completed, the encrypted passphrase file is deleted, and PineKey is released from memory.
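The session cache described above, as an added example that is not pinepg's or Pine's own code: a session key held only in memory (assumed here to be 32 random bytes rather than the integer the FAQ describes), an owner-only cache file holding the passphrase in encrypted form, and deletion of the file at the end of the session. The cipher construction (HMAC-SHA256 in counter mode with encrypt-then-MAC) and all names are this example's own assumptions, not pinepg's.

```python
import hashlib, hmac, os, secrets, tempfile
from pathlib import Path

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # HMAC-SHA256 in counter mode as a PRF-based stream cipher (prefix keeps it apart from the MAC)
    return b"".join(hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                    for i in range(n // 32 + 1))[:n]
def seal(key: bytes, plaintext: bytes) -> bytes:
    # Encrypt-then-MAC; output is nonce || ciphertext || tag
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):  # a modified file or a different session key fails here
        raise ValueError("cache file was altered or the session key does not match")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))

class PassphraseCache:
    # One session: the key lives only in memory; the passphrase reaches disk only encrypted.
    def __init__(self, cache_dir: str):
        self.session_key = secrets.token_bytes(32)  # stands in for PineKey (assumed 32 random bytes)
        self.path = Path(cache_dir) / "pinepg-passphrase.enc"
    def store(self, passphrase: str) -> None:
        fd = os.open(self.path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)  # owner-only file
        with os.fdopen(fd, "wb") as f:
            f.write(seal(self.session_key, passphrase.encode()))
    def retrieve(self) -> str:
        return unseal(self.session_key, self.path.read_bytes()).decode()
    def end_session(self) -> None:
        self.path.unlink(missing_ok=True)  # Pine exits: delete the file and drop the key
        self.session_key = None

def run_session(passphrase: str = "constructed sample passphrase") -> dict:
    # Walk one session through and report what an observer of the disk alone would learn.
    with tempfile.TemporaryDirectory() as d:
        cache = PassphraseCache(d)
        cache.store(passphrase)
        on_disk = cache.path.read_bytes()
        try:
            unseal(secrets.token_bytes(32), on_disk)  # a different session's key must not work
            other_key_reads_it = True
        except ValueError:
            other_key_reads_it = False
        result = {"round_trip": cache.retrieve() == passphrase,
                  "plaintext_on_disk": passphrase.encode() in on_disk,
                  "other_key_reads_it": other_key_reads_it}
        cache.end_session()
        result["file_gone"] = not cache.path.exists()
    return result
```

Calling `run_session()` shows that only the in-memory session key can read the cache file and that the file does not outlive the session.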

How secure is this passphrase storage system?

Answer: The greatest vulnerability is probably the memory location in which Pine keeps the session key described above. If another user is able to read this session key, and override the Unix file permission system to get your encrypted passphrase from the temp directory, then they will be able to recover your passphrase. This should be difficult or impossible to do on properly configured systems. If this is of significant concern to you, then you should also evaluate whether or not you even want to store and retrieve your GnuPG keys on this system in the first place.

By the way, if you don't trust the root user, then don't use the system in the first place. Anyone who has super-user access can theoretically intercept all input and output to the system.



Page last updated Sun Mar 3 09:28:48 2002 PST.