Unsafe Permission Warnings

Todd Todd <Freedom_Lover@pobox.com>
Tue Mar 11 23:24:01 2003 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Marc R. Jacobs wrote:
> When I send a message out of Evolution, under RedHat 8.0, the digital
> signature returns the following:
>
> gpg: Warning: unsafe permissions on file "/home/marc/.gnupg/options"
> gpg: Warning: unsafe permissions on file "/home/marc/.gnupg/random_seed"
> gpg: Warning: unsafe permissions on file "/home/marc/.gnupg/pubring.gpg"
> gpg: armor header: Version: GnuPG v1.0.7 (GNU/Linux)
> gpg: Signature made Tue 11 Mar 2003 12:10:22 PM PST using DSA key ID
> 07909752
> gpg: Good signature from "Marc R. Jacobs <marc@netmarc.com>"
> gpg: Warning: unsafe permissions on file "/home/marc/.gnupg/trustdb.gpg"

As the message says, you have unsafe permissions on those files. :)

You should change the permissions to ensure that non of the files are
writable by anyone other than user marc.  All the files in
/home/marc/.gnupg, and the .gnupg directory itself should be owned by user
marc.  Here's an example:

$ ls -l ~/.gnupg/
total 112k
- -rw-r--r--    1 user     user         2.8k Jul  2  2001 options
- -rw-r--r--    1 user     user          47k May  3  2002 pubring.gpg
- -rw-r--r--    1 user     user          46k Jul  4  2001 pubring.gpg~
- -rw-------    1 user     user          600 Dec 19 01:40 random_seed
- -rw-------    1 user     user         1.1k Jul  2  2001 secring.gpg
- -rw-r--r--    1 user     user         1.4k May  3  2002 trustdb.gpg

You can make the permission more restrictive than this, but no less.  The
.gnupg directory itself has these permissions:

$ ls -ld ~/.gnupg
drwx------    2 user     user         4.0k Mar  7 19:18 /home/user/.gnupg

- -- 
Todd              OpenPGP -> KeyID: 0xD654075A | URL: www.pobox.com/~tmz/pgp
============================================================================
The World is a dangerous place, not because of evil people, but because of
those who watch evil and do nothing about it.
    -- Albert Einstein

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: When crypto is outlawed bayl bhgynjf jvyy unir cevinpl.

iD8DBQE+bmIYuv+09NZUB1oRAh5HAJ9dBkcLH9H7FPiASbSmbvvxZurtwwCg39Jb
FOVJFRM6phNOKz8MsqED0uw=
=WCnD
-----END PGP SIGNATURE-----