On 24/10/2019 08:21, Patrick Brunschwig wrote: > Your guess is perfectly right, that's exactly what happens. Enigmail > uses a standard library provided by Mozilla for add-ons to execute > processes. Earlier versions of the library did close all file > descriptors correctly. But the library is written in JavaScript, and > closing all file descriptors could sometimes lead to Thunderbird/Firefox > crashes. Therefore that part has been disabled. > > It's therefore not surprising to see such open connections from gpg > processes, but I don't consider this bad.
Thanks for the info -- at least I know what's going on. Now I'm just wonder how I'm supposed to write my FW policy when apps can behave like this one... Fortunately it's just TB so far (from ~150 apps), so making one exception isn't that big of a deal.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users