decrypt-file updates trustdb?

Werner Koch wk at
Tue Feb 28 12:40:29 CET 2012

On Tue, 28 Feb 2012 10:42, David.Vazquez-Landa at said:
> Thanks for the explanation Werner. Does this mean that it is OK then to have write permissions on trustdb.gpg, pubring.gpg and pubring.bak?

Yes sure.  If you don't want that you may use the options

  --no-auto-check-trustdb --no-sig-cache

I have not tested it, though.  If you use a writable trustdb, you may
use a nightly cron job

  /usr/bin/gpg --batch --check-trustdb 2>/dev/null

along with --no-auto-check-trustdb to avoid trustdb computations during
normal operations.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-users mailing list