Mailinglist Archive: opensuse (1352 mails)

< Previous Next >
Re: [opensuse] KGPG : Serious fault
On 06/04/2018 02:11 AM, Carlos E. R. wrote:
No, it is indeed dangerous.

kgpg produced an error, saying "decryption failed", but left a decrypted
copy of the file in the directory. This is dangerous: the user thinks
his data is still kept secret, but it is not. It is open. A thief
stealing the disk would be able to read the secret file.

This is a kgpg bug.

Nobody is arguing that it isn't a bug.
The user asked for a decrypted file. The user got one.

Sending them to that monstrously large and bloated EMACs which
does NOT create a file (which is what the user asked for) is
counter productive.

Using a 16 Inch Naval Battleship Gun to swat a fly, and then MISSING the target
completely.

--
After all is said and done, more is said than done.

< Previous Next >
Follow Ups