Commit a03a211
committed
Never use a restricted agent connection
Enumerating secret keys with "KEYINFO --list" does not work over a
restricted connection. As a result, gpg prints
"gpg: problem with fast path key listing: Forbidden - ignored", which
Mutt interprets as a prompt the user must respond to. This causes the
user to need to press enter twice to send a signed email. Sequoia
Chameleon does not implement the fallback and is unable to list secret
keys or decrypt messages. The filtering done by split-gpg2 is far
stronger than what gpg-agent does, so there is no loss of security.
Fixes: QubesOS/qubes-issues#94831 parent 80fc81e commit a03a211
1 file changed
Lines changed: 8 additions & 4 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
454 | 454 | | |
455 | 455 | | |
456 | 456 | | |
457 | | - | |
458 | | - | |
459 | | - | |
460 | | - | |
| 457 | + | |
| 458 | + | |
| 459 | + | |
| 460 | + | |
| 461 | + | |
| 462 | + | |
| 463 | + | |
| 464 | + | |
461 | 465 | | |
462 | 466 | | |
463 | 467 | | |
| |||
0 commit comments