Agent socket security
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Mon May 12 14:05:15 CEST 2014
Thanks for the confirmation.
On 05/12/2014 06:25 AM, Werner Koch wrote:
> That is correct. The sockets are created in the ~/.gnupg directly which
> should have appropriate permissions anyway (gpg shows a warning if not)
> or in a temporary directly created for the user. Obviously the umask
> should now allow others to write to the socket.
I think you mean "should not allow" above, right?
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1010 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-devel