Thoughts on GnuPG and automation

Werner Koch wk at
Wed Mar 4 13:00:18 CET 2015

On Tue,  3 Mar 2015 16:23, brian at said:
> It breaks mailpile because gpg-agent is not session aware.  A user could
> be logged in locally, using mailpile, and a remote attacker could access
> the web interface of that locally running mailpile instance, which since
> it is talking to the same gpg-agent, would think the remote user is

How do you distinguish between a remote user and a remote hacker?  I use
my Gnus MUA most of the time locally, but if need arise I can also login
from remote and use the very same process and gpg-agent.

It is also questionable what remote means: Client-server is a core
principle of Unix and in particular X11.

> I think that one solution would be to have mailpile use a per-session
> gpg home dir.

That is an architectural decision.

BTW, gpg-agent has this --extra-socket feature which distinguishes
between remote and local use (modulo some discussed changes).  It would
be easy to extend it in a way that gpg can tell gpg-agent to act as if
it was used via --extra-socket.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-users mailing list