[PATCH] gpg-agent: Enable socket activation
Shea Levy
shea at shealevy.com
Fri Nov 21 05:20:14 CET 2014
> On Nov 20, 2014, at 3:18 PM, Werner Koch <wk at gnupg.org> wrote:
>
> On Thu, 20 Nov 2014 20:11, rjh at sixdemonbag.org said:
>
>> I think this is a little extreme. If the other users are all trusted,
>> the risk is manageable. For instance, over the Christmas holidays my
>> younger relatives will often use my laptop to do some of their
>
> Of course I was thinking of a machine with concurrent working users.
> There are too many local root exploits and even a fully fixed box is
> never safe from side-channel attacks.
Even in the case of a multi-user machine with only one working user at a time, surely it’s still good practice to kill all unnecessary processes after logout? If you accept this use case then my argument still holds.
>
>
> Salam-Shalom,
>
> Werner
>
> --
> Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
>
>
> _______________________________________________
> Gnupg-devel mailing list
> Gnupg-devel at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-devel
More information about the Gnupg-devel
mailing list