[kleopatra] [Bug 441957] New: kleopatra: Creates unsafe ~/.gnupg when not already present
Rex Dieter
bugzilla_noreply at kde.org
Fri Sep 3 18:52:58 BST 2021
https://bugs.kde.org/show_bug.cgi?id=441957
Bug ID: 441957
Summary: kleopatra: Creates unsafe ~/.gnupg when not already
present
Product: kleopatra
Version: 3.1.12
Platform: Other
OS: Linux
Status: REPORTED
Severity: normal
Priority: NOR
Component: general
Assignee: aheinecke at gnupg.org
Reporter: rdieter at gmail.com
CC: kdepim-bugs at kde.org, mutz at kde.org
Target Milestone: ---
Tested with:
$ kleopatra --version
kleopatra 3.1.12 (20.12.2)
on fedora 34. Received downstream report,
"kleopatra: Creates unsafe ~/.gnupg when not already present"
https://bugzilla.redhat.com/show_bug.cgi?id=2000292
That I think I have confirmed.
If you let gpg2 (and friends) create a fresh ~/.gnupg , ownership/perms as
such:
$ gpg2
gpg: directory '/home/rdieter/.gnupg' created
gpg: keybox '/home/rdieter/.gnupg/pubring.kbx' created
gpg: WARNING: no command supplied. Trying to guess what you mean ...
gpg: Go ahead and type your message ...
$ ls -ld ~/.gnupg
drwx------. 1 rdieter rdieter 92 Sep 3 12:51 /home/rdieter/.gnupg
But if that dir doesn't exist and I start kleopatra, I end up with:
$ ls -ld ~/.gnupg*
drwxrwxr-x. 1 rdieter rdieter 98 Sep 3 12:28 /home/rdieter/.gnupg
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the Kdepim-bugs
mailing list