On 7/04/2015 5:56 am, Peter Lebbing wrote: > On 06/04/15 18:04, Ben McGinnes wrote: >> or enclose all GPG key UIDs in quotation marks in order to mitigate >> that (a feature request for The Bat!). > > I think that would be quite an exploitable bug, passing UIDs to be > parsed by a shell... I hope they already don't do that. Is a shell > even involved I wonder?
Well, that's the thing, The Bat! is a Windows only MUA, so it never deals with a shell, but treating this as an issue with GPG potentially affects the rest of us on operating systems where that matters. > PS: Little Bobby Tables' baby brother has been born, ; rm -rf / ;. He > already has an OpenPGP key! Please send him an encrypted birthday card > with The Bat! ;P Heheh. :) Regards, Ben
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
