Thoughts on GnuPG and automation
Werner Koch
wk at gnupg.org
Wed Mar 4 13:00:18 CET 2015
On Tue, 3 Mar 2015 16:23, brian at minton.name said:
> It breaks mailpile because gpg-agent is not session aware. A user could
> be logged in locally, using mailpile, and a remote attacker could access
> the web interface of that locally running mailpile instance, which since
> it is talking to the same gpg-agent, would think the remote user is
How do you distinguish between a remote user and a remote hacker? I use
my Gnus MUA most of the time locally, but if need arise I can also login
from remote and use the very same process and gpg-agent.
It is also questionable what remote means: Client-server is a core
principle of Unix and in particular X11.
> I think that one solution would be to have mailpile use a per-session
> gpg home dir.
That is an architectural decision.
BTW, gpg-agent has this --extra-socket feature which distinguishes
between remote and local use (modulo some discussed changes). It would
be easy to extend it in a way that gpg can tell gpg-agent to act as if
it was used via --extra-socket.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-users
mailing list