We have been notified about a potential issue with gpg. When de/en-crypting files,
it always creates the output files world-readable by default. Examples:
de-crypting
% gpg sikrit.gpg
% ll sikrit*
-rw-r--r-- 1 gp users 12 Sep 17 09:41 sikrit
-rw------- 1 gp users 480 Sep 17 09:40 sikrit.gpg
en-crypting
% chmod go= sikrit
% ll sikrit
-rw------- 1 gp users 12 Sep 17 09:38 sikrit
% gpg -e -r foo sikrit
% wipe sikrit
% ll sikrit.gpg
-rw-r--r-- 1 gp users 480 Sep 17 09:40 sikrit.gpg
One usually expects that files which get encrypted contain sensitive content.
Otherwise encryption would not have made much sense anyway, right? So when
de-crypting, you probably do not want everybody to be able to read the file's
(sensitive) content again in the end (i.e. have it world-readable).
Feedback is welcome.
(Yes, we are aware of umask(1p), but still...)
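
The umask workaround mentioned above, as an added example that is not part of the original report or of gpg itself. The helper names (private_run, mode_of, exposed) are hypothetical, and the demo uses a stand-in writer instead of gpg, on the assumption that gpg's output mode is governed by the umask.

```shell
#!/bin/sh
# Added example; private_run, mode_of and exposed are hypothetical helpers.

# Run a command with umask 077 in a subshell; the caller's umask is unchanged.
# Usage with the commands from the post:  private_run gpg sikrit.gpg
#                                         private_run gpg -e -r foo sikrit
private_run() (
    umask 077
    "$@"
)

# Octal permission bits of a file (GNU stat, then BSD stat as fallback).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Exit 0 if group or others have any access to the file, 1 if owner-only.
exposed() {
    m=$(mode_of "$1") || return 2
    [ $(( 0$m & 077 )) -ne 0 ]
}

# Constructed demo: a stand-in writer creates its output file and leaves the
# final mode to the umask (assumption: gpg behaves the same way).
demo() {
    dir=$(mktemp -d) || return 1
    (
        cd "$dir" || exit 1
        umask 022                                  # common default
        sh -c 'echo secret > default.out'          # inherits umask 022
        private_run sh -c 'echo secret > private.out'
        echo "default.out=$(mode_of default.out) private.out=$(mode_of private.out)"
    )
    rc=$?
    rm -rf "$dir"
    return $rc
}

demo
```

exposed can also be run over a directory of already decrypted files to find the ones that need a chmod go= afterwards.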