no-permission-warning in options file

David Shaw dshaw@jabberwocky.com
Mon May 26 14:59:02 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, May 23, 2003 at 09:48:22AM +0200, Peter L. Smilde wrote:
> Hi,
> 
> Using the option "--no-permission-warning" on the commandline of gpg
> 1.2.1 and 1.2.2 suppresses successfully warning messages. But when
> "no-permission-warning" is inserted into the file gpg.conf (or options)
> I still get a warning about unsafe file permissions.
> 
> I know how to avoid this message the better way, but it would be nice if
> I could get this option working.
> 
> What could be the reason for this behaviour?

GnuPG checks for permissions in three places: the --homedir, the
gpg.conf file, and any extensions (i.e. the IDEA module).

The check for the homedir happens *before* reading the gpg.conf file
so that anything in the gpg.conf file cannot disable it.  This is
because an unsafe (and possibly hacked) gpg.conf file might contain a
"no-permission-warning" flag specifically to turn off the warnings so
you don't know it was hacked.

This isn't clear in the documentation.  I'll fix that.

David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3-cvs (GNU/Linux)
Comment: http://www.jabberwocky.com/david/keys.asc

iD8DBQE+0g/e4mZch0nhy8kRAi36AJ9VMh8fqy2UxojGiLsCRS5cuk5yswCeOgsQ
r6DzwXuWw/M09LBRrTn8m/w=
=q5nx
-----END PGP SIGNATURE-----