On Thu, Mar 20, 2014 at 2:53 AM, Alfredo Pironti <[email protected]> wrote: > I think you're correct. The other case I see (just for completeness), is > when the attacker gets access to your account, but not root. In that case > umask does not protect you, but maybe the attacker cannot alter the gpg > binary or dump the memory of an arbitrary process.
Trivial to LD_PRELOAD or a bunch of other tricks in that case. _______________________________________________ Password-Store mailing list [email protected] http://lists.zx2c4.com/mailman/listinfo/password-store
