Useful factoid

Michel Messerschmidt lists at
Thu Oct 13 23:36:25 CEST 2011

On Thu, Oct 13, 2011 at 10:03:56AM -0400, Jean-David Beyer wrote:
> It seems to me that to do much damage to my machine, you need to get a
> shell with root access. 

Depends on what you regard as damage.
Do you need root privileges to use your private gpg keys ???

> I never run a web browser as root. 

If you run your web browser under the same account that you use for
gpg, vulnerabilities in your browser *potentially* allow an attacker 
to access your private keys.

Same is true for your mail program, PDF reader, messaging client, ...

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: </pipermail/attachments/20111013/8ccefbfd/attachment.pgp>

More information about the Gnupg-users mailing list