Should gpg try to connect to TCP/993?

Mikhail Morfikov mmorfikov at
Thu Oct 24 14:56:08 CEST 2019

On 24/10/2019 08:21, Patrick Brunschwig wrote:
> Your guess is perfectly right, that's exactly what happens. Enigmail
> uses a standard library provided by Mozilla for add-ons to execute
> processes. Earlier versions of the library did close all file
> descriptors correctly. But the library is written in JavaScript, and
> closing all file descriptors could sometimes lead to Thunderbird/Firefox
> crashes. Therefore that part has been disabled.
> It's therefore not surprising to see such open connections from gpg
> processes, but I don't consider this bad.

Thanks for the info -- at least I know what's going on. Now I'm just 
wonder how I'm supposed to write my FW policy when apps can behave like 
this one... Fortunately it's just TB so far (from ~150 apps), so making
one exception isn't that big of a deal.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Gnupg-users mailing list