Check for file permissions is rather weak

[Christian Biere]

Hi,

when I use the option '--options' gpg checks whether the given file is
owned by me or root. It also checks whether this file is writeable by
others than me or root. This check is performed for the directory of this
file, too. However, gpg does not verify any permissions above the
directory the file is member of. Therefore, these checks are not
very satifying, as someone could mv this directory away and replace it
with something else.

Christian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 303 bytes
Desc: not available
Url : /pipermail/attachments/20021210/57810cf3/attachment.bin