[Bug 92619] Possibility for KMail to view all encrypted emails if gpg-agent is not running
Alexis Papadopoulos
iacp at free.fr
Thu Aug 23 10:46:14 UTC 2007
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
http://bugs.kde.org/show_bug.cgi?id=92619
------- Additional Comments From iacp free fr 2007-08-23 12:46 -------
Just poiting out that I did some work on this issue (I hadn't read this report though at the time).
I simply added a dialog asking for a passphrase when gpg-agent is not running. This is what libkpgp and qgpgme too, but for some reason cryptplug does not define a passphrase callback.
This does not raise any security issues, the behaviour being the same as qgpgme and the passphrase is not in any way stored.
You can follow the discussion in the ML here: http://lists.kde.org/?t=118673691300005&r=1&w=2
Btw, I'm attaching the patch too... Ideally, all gpg related operations should use one and only library, libkleo... From what I understand here (http://lists.kde.org/?l=kde-commits&m=118323828925628&w=2) libkpgp will be deprecated.
More information about the pkg-kde-bugs-fwd
mailing list