On Tue, 23 Jun 2009 16:55, ds...@jabberwocky.com said: > If possible, I'd also add a pause for running gpg processes to exit to > cover a small race condition. Even if the passphrase cache is wiped, > if there is a running gpg process at suspend time, secret material > could still be caught in the hibernation data. GPG does wipe its
That is right. With 2.1 we will change that so that only the gpg-agent performs any private key operations and the gpg2 processes care only about session keys. The latter is not really problematic given that the plaintext is usually also in RAM and thus a lower hanging fruit. (gpgsm already works like this). Shalom-Salam, Werner -- Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users