ggp related changes (1.9 - 1.12)?
Kevin J. McCarthy
kevin at 8t8.us
Fri Dec 27 15:42:00 UTC 2019
On Fri, Dec 27, 2019 at 12:12:32PM +0100, Claus Assmann wrote:
>on the system?). However, I can no longer decrypt mails (using gpg
>1.4.23)
>"Could not decrypt ..."
Try refreshing your pgp_* commands against the version in contrib/gpg.rc
in the tarball. 1.10.1 added $pgp_check_gpg_decrypt_status_fd, to check
the status file descriptor for GPG decryption codes, to protect against
spoofing. (1.6.0 also did this a bit less thoroughly, but required
pro-active setting of $pgp_decryption_okay by users to enable it.).
Most likely, the '--status-fd=2' parts are missing from your
$pgp_decode_command and $pgp_decrypt_command. However, it would be good
to just use all the values in the gpg.rc file, to protect against other
issues too. For example, there were some attacks protected against by
the --no-verbose flag, which I've noticed some long-time users don't
have enabled.
--
Kevin J. McCarthy
GPG Fingerprint: 8975 A9B3 3AA3 7910 385C 5308 ADEF 7684 8031 6BDA
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.mutt.org/pipermail/mutt-users/attachments/20191227/c19571c4/attachment.asc>
More information about the Mutt-users
mailing list