[PATCH GnuPG] agent: Enable restricted, browser, and ssh socket by default.

Daniel Kahn Gillmor dkg at fifthhorseman.net
Tue Sep 20 03:22:36 CEST 2016


On Mon 2016-09-19 07:32:41 -0400, Claus Assmann wrote:
> On Fri, Sep 16, 2016, Werner Koch wrote:
>
>> really needed.  Why should gpg-agent open a port (or here a socket)
>> which is in general not required.  Adding two extra doors makes it
>
>> Other reasons are extra running code, more strange bug reports, and the
>
> Software should be "secure by default", and not "enable as many
> options as all of the developers together can come up with";
> especially when it comes to software that is related to security.

Following this line of argument, we could say that only the restricted
socket should be enabled by default, and the normal socket should be
disabled.  However, that would make gpg-agent unusable in many use
cases, so we don't do it.

Offering the restricted socket in addition to the normal socket doesn't
seem to increase the attack surface.

     --dkg


More information about the Gnupg-devel mailing list