Pinentry makes it awfully easy to snoop all passwords entered by the user
Werner Koch
wk at gnupg.org
Thu Aug 29 09:46:46 CEST 2013
On Wed, 28 Aug 2013 20:12, dkg at fifthhorseman.net said:
> released afaik), the agent is designed to not transmit passwords to gpg
> itself at all; instead, the agent hangs on to the keys and only
> asymmetric crypto challenges and responses are communicated between the
> agent and the gpg process. So if you're really only concerned about
Right. However, the pinentry is still used to ask for the passphrase or
PIN. As a separate process it also communicates via pipes.
> but basically: if your adversary has root on your machine or has full
> control over your local account even, there isn't a way to use gpg (or
Right. As soon as you can ptrace a process it is really easy to figure
out anything. An adversary might also use gdb to grab interesting
things. I do that all the time during debugging.
Protecting one from herself is not possible.
Salam-Shalom,
Werner
--
Thoughts are free. Exceptions are governed by a federal law.
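As an added illustration, not code from this thread or from GnuPG: on Linux a process that briefly holds a passphrase (the situation pinentry is in) can mark itself non-dumpable, which makes the kernel refuse core dumps and unprivileged same-uid ptrace attach. It does nothing against root or CAP_SYS_PTRACE, which is exactly Werner's point above; the function names are my own.

```c
#include <stdio.h>
#include <string.h>
#include <sys/prctl.h>

/* Hypothetical hardening for a passphrase-holding process.
 * Returns 0 on success, -1 if the kernel refused. */
int harden_secret_holder(void)
{
    /* Non-dumpable: no core file containing the passphrase, and
     * ptrace attach by another process of the same uid is denied.
     * Root (CAP_SYS_PTRACE) is unaffected. */
    if (prctl(PR_SET_DUMPABLE, 0, 0, 0, 0) != 0)
        return -1;
    return 0;
}

/* 1 = dumpable (attachable by same-uid ptrace), 0 = not, -1 = error. */
int is_dumpable(void)
{
    return prctl(PR_GET_DUMPABLE, 0, 0, 0, 0);
}

/* Overwrite a secret so it does not linger in memory after use.
 * volatile keeps the compiler from optimising the stores away. */
void wipe_secret(volatile char *buf, size_t len)
{
    while (len--)
        *buf++ = 0;
}

/* Constructed check: returns 1 if a sample passphrase was fully wiped. */
int wipe_demo(void)
{
    char pass[16];
    strcpy(pass, "correct horse");          /* constructed sample value */
    wipe_secret(pass, sizeof pass);
    for (size_t i = 0; i < sizeof pass; i++)
        if (pass[i] != 0)
            return 0;
    return 1;
}

int main(void)
{
    printf("dumpable before: %d\n", is_dumpable());
    if (harden_secret_holder() != 0)
        perror("prctl(PR_SET_DUMPABLE)");
    printf("dumpable after:  %d\n", is_dumpable());
    printf("wipe ok: %d\n", wipe_demo());
    return 0;
}
```

Setting PR_SET_DUMPABLE to 0 also changes the ownership of the process's /proc entries to root, so same-uid tools lose /proc/PID/mem as well, but any attacker with root keeps every one of these paths.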