Hi Richard, Le vendredi 09 novembre 2007 à 17:35 +0000, Richard Lewis a écrit : > Package: rkhunter > Version: 1.2.9-2 > Severity: normal > > The cron job produces this every day, but the file in question has > permissions 0600. It seems this happens because rkhunter runs gpg as > a user (presumably root) other than the owner of gpg.conf.
This warning isn't issued by rkhunter but by GnuPG itself. This is linked to the *ownership* (and not permissions) of gpg.conf. I would guess your file is owned by another user as yours (which is a potential security risk), either resulting from moving this file from another user or running gpg with sudo. I get this warning when using 'sudo gpg --version', as gpg still considers its home to be /home/user/.gnupg/ (try 'sudo echo $HOME' to understand why). Would you please check and confirm? Cheers, Julien
