GnuPG 2.1 Windows 7, pinentry does not allow paste, no way to bypass?

L G lgellert at gmail.com
Mon Jun 4 00:31:05 CEST 2012


> Storing your passphrase in the clipboard is generally considered unwise
> and harmful.  Your passphrase is a high-value secret: putting it on the
> clipboard makes it visible to every other process on your system
> (including malware!).

I understand the risk, and your point is valid.   However, if a machine is
infected with malware, then keystrokes can also be captured, screen shots,
packets, pretty much everything going on.  Considering the low risk nature
of the data this particular key addresses, I'm am comfortable with C&P.
There are other cases where I don't use C&P on purpose.

> Pinentry's refusal to support C&P is not accidental or an oversight.
> It's a deliberate design decision meant to help shield you from malware,
> Trojans, and other skulduggery that people may use to discover your
> passphrase.

I would recommend that users be allowed to decide (via config or command
line option), and provide a sensible default such as the current behavior.

Laurence
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20120603/c7ef10d9/attachment.htm>


More information about the Gnupg-users mailing list