Beware of leftover gpg-agent processes (was: Re: Changes for GnuPG in debian)
Ian Jackson writes ("Beware of leftover gpg-agent processes (was: Re: Changes for GnuPG in debian)"):
> Johannes Schauer writes ("Beware of leftover gpg-agent processes (was: Re: Changes for GnuPG in debian)"):
> > Quoting Daniel Kahn Gillmor (2016-08-04 18:29:03)
> > > One of the main differences is that all access to your secret key
> > > will be handled through gpg-agent, which should be automatically
> > > launched as needed.
> > it might be important to note that gpg launching this gpg-agent
> > process is not optional and that it will automatically be launched
> > and continue running in the background for many gpg operations.
> This is rather alarming. As a longtime gpg1 user I hadn't appreciated
> Could we not have gpg2 not only automatically launch the agent, but
> also automatically terminate it. This would provide the same UI and
> same persistence properties as gpg1.
> I don't think a general change to a timeout-based persistence model is
> a good idea in itself; and of course there are the practical problems
> Johannes mentions.
This (and the change to gnupg2) has now broken dgit's DEP-8 test
suite, when run under schroot. I'm discussing this in #840669 (CC'd).
I am trying to persaude Daniel that we should provide (at least
optionally) a mode where an autostarted agent (and the corresponding
authorisations, if the user types in a passphrase) have a lifetime
limited by that of the gpg process which started the agent.
Ian Jackson <email@example.com> These opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.