On 2018-06-04 10:01, John Andersen wrote:
On June 3, 2018 11:17:40 PM PDT, ellanios82 <ellanios82@gmail.com> wrote:
On 04/06/18 06:04, John Andersen wrote:
On 06/03/2018 07:56 PM, David C. Rankin wrote:
On 06/03/2018 03:50 PM, Carlos E. R. wrote:
But can't we assume that some form of Pin Entry did appear, because the OP stated that it did in fact decrypt the file, and showed it to be decrypted in spite of the error message?
Are we not Up the wrong tree barking? (again).
- me , OP : using XFCE on Tumbleweed :
"Decryption : upon entering password , error message appears
saying "Decryption failed" , but , there is a tiny box for "Details" : upon opening details , full-page , there appears
entire file in Decrypted form in PLAIN TEXT !
This is alarming and dangerous ."
So we don't have a pinentry problem. You were asked for and supplied a password.
Nor was it dangerous. You did supply the correct password, and it properly decrypted the file. If you could Key in any random password, or none at all, THAT might be dangerous.
Alarming, perhaps.
Clearly you were alarmed. Now that you know that the only failure was a bogus error message, I rather suspect it's a lot less alarming.
No, it is indeed dangerous. kgpg produced an error, saying "decryption failed", but left a decrypted copy of the file in the directory. This is dangerous: the user thinks his data is still kept secret, but it is not. It is open. A thief stealing the disk would be able to read the secret file. This is a kgpg bug. If the purpose is to read plain text files, I still say to use instead emacs to read them, because it does not generate a deciphered file, but reads it in memory only. Or find another tool to view protected files in memory. -- Cheers / Saludos, Carlos E. R. (from 42.3 x86_64 "Malachite" at Telcontar)