Useful factoid
Michel Messerschmidt
lists at michel-messerschmidt.de
Thu Oct 13 23:36:25 CEST 2011
On Thu, Oct 13, 2011 at 10:03:56AM -0400, Jean-David Beyer wrote:
> It seems to me that to do much damage to my machine, you need to get a
> shell with root access.
Depends on what you regard as damage.
Do you need root privileges to use your private gpg keys ???
> I never run a web browser as root.
If you run your web browser under the same account that you use for
gpg, vulnerabilities in your browser *potentially* allow an attacker
to access your private keys.
Same is true for your mail program, PDF reader, messaging client, ...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: </pipermail/attachments/20111013/8ccefbfd/attachment.pgp>
More information about the Gnupg-users
mailing list