Moving the agent's socket to /var/run ?
Neal H. Walfield
neal at walfield.org
Tue Feb 23 20:19:18 CET 2016
On Tue, 23 Feb 2016 19:29:39 +0100,
Werner Koch wrote:
> On Tue, 23 Feb 2016 16:33, neal at walfield.org said:
>
> > /var/run/user/<uid>/S.gpg-agent-hash
> >
> > where hash is the hash of GNUPGHOME?
>
> Clever idea. Do we need to truncate the hash?
>
> /var/run/user/65535/S.gpg-agent-823125cb68e88fabb56828d6a090df0211228809
>
> would be short enough but I doubt we need 160 bit to differentiate
> between one users gnupg home directories.
I suspect that 32 bits would be sufficient and 64 bits are definately
more than enough. The only adversary in this scenario is the birthday
paradox.
:) Neal
More information about the Gnupg-devel
mailing list