Agent socket security
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Mon May 12 14:05:15 CEST 2014
Hi Werner--
Thanks for the confirmation.
On 05/12/2014 06:25 AM, Werner Koch wrote:
> That is correct. The sockets are created in the ~/.gnupg directly which
> should have appropriate permissions anyway (gpg shows a warning if not)
> or in a temporary directly created for the user. Obviously the umask
> should now allow others to write to the socket.
I think you mean "should not allow" above, right?
Regards,
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1010 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20140512/e7c5df0c/attachment-0001.sig>
More information about the Gnupg-devel
mailing list