Why is ~/.gnupg/trustdb.gpg readable by all?

Dan Harkless gnupg@dilvish.speed.net
Wed Feb 7 01:15:07 2001

"Steven E. Harris" <steven.harris@tenzing.com> writes:

> The GnuPG manual mentions that the trust information is kept separate
> from your public keyring, presumably to avoid spilling what you think
> of others when you export your public keyring. I was surprised to
> notice that the default permissions on trustdb.gpg are both group- and
> world-readable. Should this file be more private? If not, what's the
> motivation?
Your question is still a good one, but I'd just point out that the default permissions on ~/.gnupg are rwx------, are they not? So the permissions on trustdb.gpg won't matter *too* much... -- Dan Harkless SpeedGate Communications, Inc.