path defaults for gpg.conf
jw72253 at verizon.net
Fri Feb 1 17:08:58 CET 2013
I sincerely appreciate your replies. Like the other poster asking about the
current directory issue, I too am curious about why including it would
result in a less secure situation. Perhaps an example of how so would be
helpful in this regard, at least for me or someone else who is not a
programmer to understand your point. As I recall from reading the
instructions for the many programs I use, I have always read that a
program's executable looks into its own directory as part of its routine in
searching for files it needs; so your statement about using it ("the current
directory would be a decision for the program's author") did come as a bit
of a surprise because I was under the impression that this was normally
unavoidable and just a result of how the code of an executable must
function, at least in Windows OS. Apparently, that is not so?
"Olav Seyfarth" wrote in message
news:510B641C.9020609__38264.0061238364$1359701121$gmane$org at enigmail.net...
-----BEGIN PGP SIGNED MESSAGE-----
> Is that about right, then?
> Would it not be true that gpg.exe would finally look in its own current
> directory, which should suffice consequently for this purpose?
That's an authors' decision. I'm fine with it. It gives you many means to
control your environment - and for security products I prefer NOT to include
the 'current dir' default.
The Enigmail Project - OpenPGP Email Security For Mozilla Applications
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (MingW32)
Comment: Dies ist eine elektronische Signatur - http://www.enigmail.net/
-----END PGP SIGNATURE-----
More information about the Gnupg-users