* Laurent Jumet <[EMAIL PROTECTED]> wrote: > > Many mail clients will assume that any GPG message is encrypted and > > prompt for a passphrase prior to invoking GPG. > > Are you sure? > Security wouldn't be compromised if passphrase is given to anything else > then gpg?
F.e. mutt itself asks for a passphrase and passes it on to gpg. It's a normal thing for email clients to do, as with frontends for gpg as well. In case an attacker replaces the gpg binary with a wrapper... well, security is compromised the moment when an attacker gains system access anyway. Btw, good to see GoldEd still floating around. How's fidonet? -- 2:2433/480 Sorry to the people I drove nuts back then, hehe
pgpuLcMMaWO04.pgp
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
