Should gpg try to connect to TCP/993?
Mikhail Morfikov
mmorfikov at gmail.com
Thu Oct 24 14:56:08 CEST 2019
On 24/10/2019 08:21, Patrick Brunschwig wrote:
> Your guess is perfectly right, that's exactly what happens. Enigmail
> uses a standard library provided by Mozilla for add-ons to execute
> processes. Earlier versions of the library did close all file
> descriptors correctly. But the library is written in JavaScript, and
> closing all file descriptors could sometimes lead to Thunderbird/Firefox
> crashes. Therefore that part has been disabled.
>
> It's therefore not surprising to see such open connections from gpg
> processes, but I don't consider this bad.
Thanks for the info -- at least I know what's going on. Now I'm just
wonder how I'm supposed to write my FW policy when apps can behave like
this one... Fortunately it's just TB so far (from ~150 apps), so making
one exception isn't that big of a deal.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20191024/1c020ff3/attachment-0001.sig>
More information about the Gnupg-users
mailing list