On Thu, Feb 16, 2012 at 09:52:47PM +0000, Robert Ransom wrote: > On 2012-02-15, intrigeri <[email protected]> wrote: > > >>> 2. some software that is particularly important in the context of > >>> Tails [0]: I'm mainly thinking of Tor, but GnuPG and icedove also > >>> come to mind. > > > >> What did you have in mind for GPG? Protecting it from itself is a bit > >> tricky. :) > > > > I don't intend to protect GnuPG from itself. > > By design, GnuPG handles much untrusted data. > > I would like to protect the rest of the system from GnuPG. > > Does it make sense, or did I miss something obvious? > > (I'm pretty new in this landscape, so it would not surprise me if I had.) > > During normal operation, GnuPG is intended to read the user's secret > keyring and open and use network connections. In some cases, GPG is > intended to do both in the same execution (e.g. decrypting a > public-key-encrypted message, then verifying a signature containing a > keyserver URL). > > The consequences of GPG being compromised are so severe that I don't > see a benefit in trying to protect the surrounding system from a > compromised GPG process.
That's traditionally been my view as well -- GPG is usually considered the high-value target itself. I'm not opposed to having a gpg profile; I just hadn't considered one before. :P -Kees -- Kees Cook @debian.org _______________________________________________ tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev
