Public bug reported:
Ubuntu 13.04
Enigmail 1.5.2 from Repos
Seahorse 3.6.3
On a plain vanilla Ubuntu 13.04 using Thunderbird with Enigmail, the gpg
key-passphrase is cached until the end of the session. There is no
obvious way to change this behaviour. IMHO this is not acceptable in a
security sensitive matter like caching the gpg key passphrase.
Changing the settings in Enigmail brings up a message that gpg-agent is
used, and the settings are therefore ignored. Actually there is no gpg-
agent installed on vanilla Ubuntu 13.04. Instead Seahorse (gnome-
keyring-daemon) handles the passphrase caching . Seahorse offers no
options to change passphrase caching at all though.
Installing gpg-agent and pinentry doesn't change this behaviour either.
Seahorse keeps handling the passphrase.
The only workaround is starting Thunderbird with a script containing
'unset GPG_AGENT_INFO'. This keeps Seahorse out and empowers Enigmail to
handle the passphrase by itself. It is possible then to fully configure
passphrase caching as intended. Also it is possible then to set up gpg-
agent to handle the passphrase.
I am not sure where the bug actually resides. Somehow Seahorse is really
stubborn in handling the passphrase while not being configurable at all.
There should be a way to keep Seahorse from caching the passphrase and
to easily setup another passphrase agent.
** Affects: enigmail (Ubuntu)
Importance: Undecided
Status: New
** Description changed:
Ubuntu 13.04
Enigmail 1.5.2 from Repos
Seahorse 3.6.3
On a plain vanilla Ubuntu 13.04 using Thunderbird with Enigmail, the
- key-passphrase is kept until the end of the session. There is no obvious
- way to change this behaviour. IMHO this is not acceptable in a security
- sensitive matter like caching the gpg key passphrase.
+ key-passphrase is cached until the end of the session. There is no
+ obvious way to change this behaviour. IMHO this is not acceptable in a
+ security sensitive matter like caching the gpg key passphrase.
Changing the settings in Enigmail brings up a message that gpg-agent is
used, and the settings are therefore ignored. Actually there is no gpg-
agent installed on vanilla Ubuntu 13.04. Instead Seahorse (gnome-
keyring-daemon) handles the passphrase caching . Seahorse offers no
options to change passphrase caching at all though.
Installing gpg-agent and pinentry doesn't change this behaviour either.
Seahorse keeps handling the passphrase.
The only workaround is starting Thunderbird with a script containing
'unset GPG_AGENT_INFO'. This keeps Seahorse out and empowers Enigmail to
handle the passphrase by itself. It is possible then to fully configure
passphrase caching as intended. Also it is possible then to set up gpg-
agent to handle the passphrase.
I am not sure where the bug actually resides. Somehow Seahorse is really
stubborn in handling the passphrase while not being configurable at all.
There should be a way to keep Seahorse from caching the passphrase and
to easily setup another passphrase agent.
** Description changed:
Ubuntu 13.04
Enigmail 1.5.2 from Repos
Seahorse 3.6.3
- On a plain vanilla Ubuntu 13.04 using Thunderbird with Enigmail, the
+ On a plain vanilla Ubuntu 13.04 using Thunderbird with Enigmail, the gpg
key-passphrase is cached until the end of the session. There is no
obvious way to change this behaviour. IMHO this is not acceptable in a
security sensitive matter like caching the gpg key passphrase.
Changing the settings in Enigmail brings up a message that gpg-agent is
used, and the settings are therefore ignored. Actually there is no gpg-
agent installed on vanilla Ubuntu 13.04. Instead Seahorse (gnome-
keyring-daemon) handles the passphrase caching . Seahorse offers no
options to change passphrase caching at all though.
Installing gpg-agent and pinentry doesn't change this behaviour either.
Seahorse keeps handling the passphrase.
The only workaround is starting Thunderbird with a script containing
'unset GPG_AGENT_INFO'. This keeps Seahorse out and empowers Enigmail to
handle the passphrase by itself. It is possible then to fully configure
passphrase caching as intended. Also it is possible then to set up gpg-
agent to handle the passphrase.
I am not sure where the bug actually resides. Somehow Seahorse is really
stubborn in handling the passphrase while not being configurable at all.
There should be a way to keep Seahorse from caching the passphrase and
to easily setup another passphrase agent.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1239117
Title:
Enigmail Passphrase Cache not configurable
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/enigmail/+bug/1239117/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
