path defaults for gpg.conf

John jw72253 at verizon.net
Fri Feb 1 17:08:58 CET 2013 

Hello, Olav.

I sincerely appreciate your replies. Like the other poster asking about the 
current directory issue, I too am curious about why including it would 
result in a less secure situation. Perhaps an example of how so would be 
helpful in this regard, at least for me or someone else who is not a 
programmer to understand your point.  As I recall from reading the 
instructions for the many programs I use, I have always read that a 
program's executable looks into its own directory as part of its routine in 
searching for files it needs; so your statement about using it ("the current 
directory would be a decision for the program's author") did come as a bit 
of a surprise because I was under the impression that this was normally 
unavoidable and just a result of how the code of an executable must 
function, at least in Windows OS. Apparently, that is not so?

John


"Olav Seyfarth"  wrote in message 
news:510B641C.9020609__38264.0061238364$1359701121$gmane$org at enigmail.net...

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Hello, John.

> Is that about right, then?

Yes.

> Would it not be true that gpg.exe would finally look in its own current
> directory, which should suffice consequently for this purpose?

That's an authors' decision. I'm fine with it. It gives you many means to
control your environment - and for security products I prefer NOT to include
the 'current dir' default.

Olav
- -- 
The Enigmail Project - OpenPGP Email Security For Mozilla Applications
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (MingW32)
Comment: Dies ist eine elektronische Signatur - http://www.enigmail.net/

iQGcBAEBAwAGBQJRC2QRAAoJEKGX32tq4e9W4LoL/3Wc98duCWfubv6dKHB9NFWK
ST97zRBmZuBE457S2YB/kPQ8CUH7aIOwgvkhRq9bw2bZKyyVwd15LRP7pnLpL4J1
bOq2CU8qYEFsT5e/GFuyA5Yp/Pt7Vvy/4ok9v5uXUJ2uzrPwZc7ZamcEku6nZDLc
s+eUuu3Nlj93eYPnOnlmWKHKpSKQfQJnmMHHjTChLKjZxwflkd32no/qZ/RNbnm+
k4+W2j+g2P6v5pd0hmo51LPA7KuOAoXdVhJxg10jYUOV9p5zhLE7w9nDt0S2HG/y
uyFQ6g/AZIPqqVj7ksbcTpFSoz72AiuiWAnMuB1Ga834fOLyaZZd9LSewdMqdc94
Dio7fVM5MUB/MtpvHq3IPG3LI2/cbTo5couer+CaVyBhB2eSKj8Ku322iC6P4foO
X75Dso7STxrisezWu29hMw8pioqSOawx+yoROlD8DViMxFCU3s6cv5f1wtVQsAi/
BkFxx4wbOIJK2Qci+VeVEdP8X7FnfdWFl4RaBFVU/w==
=nG/j
-----END PGP SIGNATURE-----

More information about the Gnupg-users mailing list