no-permission-warning in options file
Mon May 26 14:59:02 2003
-----BEGIN PGP SIGNED MESSAGE-----
On Fri, May 23, 2003 at 09:48:22AM +0200, Peter L. Smilde wrote:
> Using the option "--no-permission-warning" on the commandline of gpg
> 1.2.1 and 1.2.2 suppresses successfully warning messages. But when
> "no-permission-warning" is inserted into the file gpg.conf (or options)
> I still get a warning about unsafe file permissions.
> I know how to avoid this message the better way, but it would be nice if
> I could get this option working.
> What could be the reason for this behaviour?
GnuPG checks for permissions in three places: the --homedir, the
gpg.conf file, and any extensions (i.e. the IDEA module).
The check for the homedir happens *before* reading the gpg.conf file
so that anything in the gpg.conf file cannot disable it. This is
because an unsafe (and possibly hacked) gpg.conf file might contain a
"no-permission-warning" flag specifically to turn off the warnings so
you don't know it was hacked.
This isn't clear in the documentation. I'll fix that.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3-cvs (GNU/Linux)
-----END PGP SIGNATURE-----