On Fri, 15 Oct 2010 15:36:51 -0400, "Robert J. Hansen" <r...@sixdemonbag.org> wrote: > On 10/15/10 2:49 PM, Jameson Rollins wrote: > > Without use confirmation in the agent, a malicious program running under > > your account could access your secret key without you knowing it. > > This can still happen with a confirmation prompt. Confirmation cannot > protect against malware running under your account. If the agent pops > up a dialog box, then all I have to do is intercept the dialog box and > answer 'yes.'
Ok, then this protects against malicious programs that are not intercepting the dialog box. Just because a fix for one problem doesn't solve all possible problems does not mean that it should be ignored. Don't let the perfect be the enemy of the good. jamie.
pgpsjIEJQ1fNU.pgp
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
