edit trust does not require a passphrase?
David Shaw
dshaw at jabberwocky.com
Sun Jan 25 18:13:56 CET 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Sun, Jan 25, 2004 at 05:19:47PM -0500, Douglas F. Calvert wrote:
> How come editing the trust database does not require a password?
> After thinking about it, it became obvious that in order to require
> a password you would need to have a passphrase specifically for the
> trustdb because there might be multiple private keys. It seems that
> protecting the security of the trustdb is important. Granted in a
> perfect world people should not have access to your homedir and or
> an open terminal but it does happen in the real world...
If someone has write access to your homedir and/or your account on an
open terminal, it's game over, GnuPG or no GnuPG.
David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.5-cvs (GNU/Linux)
Comment: Key available at http://www.jabberwocky.com/david/keys.asc
iHEEARECADEFAkAUTbQqGGh0dHA6Ly93d3cuamFiYmVyd29ja3kuY29tL2Rhdmlk
L2tleXMuYXNjAAoJEOJmXIdJ4cvJqb4AoIOtzbgPb9oEWtptRFKehsAT44DUAKCO
tL25X4dIkNhI2BW3V4fnVeW3Dw==
=prGC
-----END PGP SIGNATURE-----
More information about the Gnupg-devel
mailing list