On Tue 2016-11-22 11:20:26 -0500, Carola Grunwald wrote: > They don't have direct access to any key. Nevertheless by using someone > else's cached passphrase with 2.1 and its all-embracing keyring they may > succeed in decoding data not meant for them.
fwiw, the same concerns hold for a shared gpg-agent passphrase-cache from pre-2.1 versions of gpg as well, right? your model sounds like it needs to use a separate agent per user, regardless of which version of the agent you're using. --dkg _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users