kleopatra flatpak issue
Jacob Bachmeyer
jcb62281 at gmail.com
Thu Mar 27 03:12:26 CET 2025
On 3/26/25 15:44, kevin via Gnupg-users wrote:
> [...]
> So yeah about kleopatra flatpak, i see that after removing the socket services and killing all running gpg services by `gpgconf --kill all` i tried opening keloptra (flatpak) to see if it invokes the system gpg-agent and does all the functions but i noticed that it failed any signing , encryption or decryption functions. It could not even list the keys from keyboxd that were imported earlier. So it seems maybe the flatpak version doesn't have its own gpg-agent or maybe this is an actual bug or a limitation with flatpak that it couldn't invoke system gpg services or use its own. [...]
I will speculate that the flatpak sandbox allows access to the "system"
keyboxd and gpg-agent sockets but *not* to the actual keyring files.
I am unsure how much of a security boundary that actually is: is access
to keyboxd equivalent to access to the underlying keyrings?
-- Jacob
More information about the Gnupg-users
mailing list