Page MenuHome GnuPG
Create Task
Maniphest T1730

gpg should avoid a gpg-agent with a different homedir
Closed, ResolvedPublic
Actions

Description

Since gpg-agent now handles files in the homedir (e.g. secret keys), gpg should
not use a gpg-agent that has a different homedir. I am not sure how to do this,
but you probably know or can make one. (help getinfo suggests socket_name but I
don't know how reliable this is).

I am not sure there are valid use cases that justify re-using a gpg-agent with a
different homedir, in favour of just starting a new gpg-agent with the right
homedir. This might be defensive but I think is for the best.

Some logic (such as --delete-key) involves both the public keys and the secret
keys. If gpg and gpg-agent have different views of them, then probably bad
things will happen. Even if you as the gpg developer thinks this is not the
case: outsider developers and users, that want to interact with gpg, will find
it very confusing to have to reason about gpg and gpg-agent that have different
homedirs.

Details

Version
2.1.0

Event Timeline

infinity0 added projects: gnupg, Bug Report.Sep 24 2014, 1:39 AM
infinity0 set Version to 2.1.0.
infinity0 added a subscriber: infinity0.
werner added a subscriber: werner.Sep 25 2014, 8:39 PM

It does not unless you override it with GPG_AGETN_INFO.

werner closed this task as Resolved.Sep 25 2014, 8:39 PM
werner claimed this task.
werner added a project: Not A Bug.
infinity0 reopened this task as Open.Sep 26 2014, 12:14 AM

But this might be done by accident, such as in old shell environments. Do you
consider GPG_AGENT_INFO with a different homedir, to be a valid use case? If
not, you should get rid of it, because otherwise it might be confusing and trip
users up.

werner added a comment.Sep 26 2014, 2:10 PM

I am not yet sure whether to keep GPG_AGENT_INFO.

werner lowered the priority of this task from Normal to Wishlist.Sep 26 2014, 2:10 PM
werner removed projects: Not A Bug, Bug Report.
werner added a project: Feature Request.
werner added a comment.Oct 3 2014, 1:04 PM

Well, I removed all support for GPG_AGENT_INFO.

werner closed this task as Resolved.Oct 3 2014, 1:04 PM