http://bugzilla.opensuse.org/show_bug.cgi?id=1043530 Bug ID: 1043530 Summary: Kgpg exports secret key and revoke key without asking for key password first Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.3 Hardware: x86-64 OS: openSUSE 42.2 Status: NEW Severity: Critical Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: stakanov@freenet.de QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- with I can export a public key, a secret key and a revoke without password? The normal behavior was, before creating a revoke key, before exporting a secret key, you should always be asked the password. If not it is easy to get hold on the key. Observed behavior: KGPG does not ask for the key password when exporting the secret key. KGPG does not ask for the key password when creating a revoke key. Normal behavior: KGPG asks for the key password before enacting the export of the secret key. KGPG asks for the key password before creating a revoke key. -- You are receiving this mail because: You are on the CC list for the bug.