GNU bug report logs -
#15553
24.3.50; epg.el and GnuPG 2.x cause unavoidable pinentry prompts for symmetrically encrypted files
Previous Next
Reported by: Teodor Zlatanov <tzz <at> lifelogs.com>
Date: Mon, 7 Oct 2013 18:04:02 UTC
Severity: normal
Tags: notabug
Found in version 24.3.50
Done: Daiki Ueno <ueno <at> gnu.org>
Bug is archived. No further changes may be made.
Full log
Message #21 received at 15553 <at> debbugs.gnu.org (full text, mbox):
>> - on a headless server this can lock up Emacs
That's not good. We should try to make sure that detect the
problematic situation, or make it easy for the user to get out of it
(with something like a C-g).
>> - if the GPG agent is dead, locked up, or not running, there's no remedy
> Ditto.
It can be very annoying for the user, and tricky to trackdown, so it's
clearly a real problem. Of course, I have no idea how easy it would be
to fix it, but that doesn't make it a non-problem. It incidentally does
sound like it matches the symptom of a problem I've had a few times
(tho I never bothered to track it down enough to be able to confirm
that it was indeed this problem).
>> - there's no way to avoid the prompt in favor of an Emacs minibuffer query
> As I said a number of times, that degrades security. If the insecurity
> is okay for you, what's the reason you want to use GnuPG 2.x rather than
> GnuPG 1.x?
Maybe the user doesn't really want to use gpg2 (maybe it's installed for
some other user, maybe gpg1 is not installed for some reason, or maybe
the user didn't realize that gpg1 is not obsoleted by gpgp2), yet the
user may not care about the degraded security.
Stefan
This bug report was last modified 11 years and 229 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.