On Tue, 3 Mar 2015 16:23, br...@minton.name said: > It breaks mailpile because gpg-agent is not session aware. A user could > be logged in locally, using mailpile, and a remote attacker could access > the web interface of that locally running mailpile instance, which since > it is talking to the same gpg-agent, would think the remote user is
How do you distinguish between a remote user and a remote hacker? I use my Gnus MUA most of the time locally, but if need arise I can also login from remote and use the very same process and gpg-agent. It is also questionable what remote means: Client-server is a core principle of Unix and in particular X11. > I think that one solution would be to have mailpile use a per-session > gpg home dir. That is an architectural decision. BTW, gpg-agent has this --extra-socket feature which distinguishes between remote and local use (modulo some discussed changes). It would be easy to extend it in a way that gpg can tell gpg-agent to act as if it was used via --extra-socket. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
