gpg doesn't fail on target file existing when decrypting

Doug Barton dougb at dougbarton.us
Mon Mar 16 22:17:45 CET 2009


Andrew Flerchinger wrote:
> Yes, I do see that behavior. The primary difference is that I never want
> it to prompt me for anything, since I'm writing a headless wrapper.

What you're suggesting isn't "safe" in any case. What I would do in
your situation is the following:

1. Use mktemp to safely create a new, unique file
2. Send the decryption output to that file
3. Test if the "real" file exists, and if so unlink it
4. mv $newfile $realfilename


hth,

Doug
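
The four steps above as a POSIX shell function, added here as an example and not part of the original message. The name `atomic_output` and the `.decrypt.XXXXXX` template are assumptions; the command to run is passed as arguments so the function can wrap `gpg --batch --decrypt` or any other command that writes to stdout.

```shell
#!/bin/sh
# Added example (not from the original post).
# atomic_output TARGET CMD [ARGS...]
#   Runs CMD with stdout sent to a fresh mktemp file next to TARGET and
#   moves it over TARGET only if CMD exited successfully. Never prompts.
atomic_output() {
    target=$1
    shift
    dir=$(dirname -- "$target")

    # Step 1: unique temp file. mktemp creates it with mode 0600, and
    # placing it in the target's directory keeps the final mv on one
    # filesystem, so it is a rename rather than a copy.
    tmp=$(mktemp "$dir/.decrypt.XXXXXX") || return 1

    # Step 2: send the command's output to the temp file.
    if "$@" > "$tmp"; then
        # Steps 3 and 4: mv -f replaces an existing target without asking.
        mv -f -- "$tmp" "$target"
    else
        rc=$?
        # Failed decryption: discard partial output, leave TARGET as it was.
        rm -f -- "$tmp"
        return "$rc"
    fi
}

# Headless use with gpg (file names are placeholders):
#   atomic_output secret.txt gpg --batch --quiet --decrypt secret.txt.gpg
```

Because the existing file is only replaced after the command succeeds, a failed or interrupted decryption does not leave a truncated file under the real name.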



