Why is ~/.gnupg/trustdb.gpg readable by all?

Steven E. Harris steven.harris@tenzing.com
Tue Feb 6 23:54:01 2001


The GnuPG manual mentions that the trust information is kept separate
from your public keyring, presumably to avoid spilling what you think
of others when you export your public keyring. I was surprised to
notice that the default permissions on trustdb.gpg are both group- and
world-readable. Should this file be more private? If not, what's the
motivation?

-- 
Steven E. Harris        :: steven.harris@tenzing.com
Tenzing                 :: http://www.tenzing.com