Skip to content

Add --no-symkey-cache? #2

Description

@otto-dev

From the docs

--symmetric [...] gpg caches the passphrase used for symmetric encryption so that a decrypt operation may not require that the user needs to enter the passphrase. The option --no-symkey-cache can be used to disable this feature.

Is it just me, or is that a rather ridiculous default? Meaning, that by default anyone with access to the shell can decrypt the file without knowing the passphrase while the password is still in cache from the encryption process.

Can be "fixed" by adding --no-symkey-cache

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions