[kleopatra] [Bug 441957] New: kleopatra: Creates unsafe ~/.gnupg when not already present

Rex Dieter Fri, 03 Sep 2021 10:53:18 -0700

https://bugs.kde.org/show_bug.cgi?id=441957


            Bug ID: 441957
           Summary: kleopatra: Creates unsafe ~/.gnupg when not already
                    present
           Product: kleopatra
           Version: 3.1.12
          Platform: Other
                OS: Linux
            Status: REPORTED
          Severity: normal
          Priority: NOR
         Component: general
          Assignee: aheine...@gnupg.org
          Reporter: rdie...@gmail.com
                CC: kdepim-b...@kde.org, m...@kde.org
  Target Milestone: ---

Tested with:
$ kleopatra --version
kleopatra 3.1.12 (20.12.2)

on fedora 34.  Received downstream report,
"kleopatra: Creates unsafe ~/.gnupg when not already present"
https://bugzilla.redhat.com/show_bug.cgi?id=2000292

That I think I have confirmed.

If you let gpg2 (and friends) create a fresh ~/.gnupg , ownership/perms as
such:
$ gpg2
gpg: directory '/home/rdieter/.gnupg' created
gpg: keybox '/home/rdieter/.gnupg/pubring.kbx' created
gpg: WARNING: no command supplied.  Trying to guess what you mean ...
gpg: Go ahead and type your message ...

$ ls -ld ~/.gnupg
drwx------. 1 rdieter rdieter 92 Sep  3 12:51 /home/rdieter/.gnupg

But if that dir doesn't exist and I start kleopatra, I end up with:
$ ls -ld ~/.gnupg*
drwxrwxr-x. 1 rdieter rdieter 98 Sep  3 12:28 /home/rdieter/.gnupg

-- 
You are receiving this mail because:
You are watching all bug changes.

[kleopatra] [Bug 441957] New: kleopatra: Creates unsafe ~/.gnupg when not already present

Reply via email to