Kleopatra should fallback to the filename included in the pgp message in case a file has no extension after decryption.
I know that this is problematic because the filename is not signed but I think that it is better then to let the user "guess" what file he received.
This is especially important for PGP/Partioned stuff sent out by symantec.
Description
Description
Details
Details
- External Link
- https://wald.intevation.org/forum/forum.php?thread_id=2032&forum_id=84&group_id=11
- Version
- master
Revisions and Commits
Revisions and Commits
| rKLEOPATRA Kleopatra | |||
| rKLEOPATRA84c4d2bc0bd6 Show embedded file name if it differs | |||
| Status | Assigned | Task | ||
|---|---|---|---|---|
| Resolved | • aheinecke | T4390 Kleopatra: Fall back to included filenames for files without extension | ||
| Resolved | • aheinecke | T4264 Gpg4win 3.1.6 | ||
| Resolved | • werner | T4289 GnuPG 2.1.12 release |
Event Timeline
Comment Actions
If the filename embedded in the encrypted message differs from the filename Kleopatra uses (which is derived from the file system filename) Kleopatra will now show the filename. This should cover the case where users receive an "Attachment.pgp" and do not know what that is.
I think this is better then using the filename automatically because this would allow attacks like calling a file "README.pgp" and then having an embedded name of "README.exe".