On Mon, Mar 01, 2004 at 12:40:43PM EST, Stewart V. Wright wrote: > * Christoph Berg <cb@xxxxxxxxxxxxxxxx> [040301 17:22]: > > > 2) Are you are using the gpg.rc that comes with mutt? > > > > Your distribution should ship one that works fine. The one shipped with > > Mutt should work after adjusting some paths. > > Huh? I didn't know there were any paths hardwired in gpg.rc ... That > would be a "Bad Thing^TM". Well, it's safer if gpg.rc knows the exact location of your GnuPG binaries, since otherwise, somebody with . before /path/to/gpg would be vulnerable to a stray executable gpg in his current directory. As you can tell from my gpg.rc [1], I don't give a damn. (I also don't have . in my path until much much later.) The way I install packages on my system, managing a static $PATH is nearly impossible (as a trade-off to easy local installations of packages, and reliable removal of packages that don't uninstall themselves properly - or at all), so being able to override GPG's location at runtime using $PATH is an indispensable feature for me. If you just install everything in /usr/local or /usr, though, you can gain additional security by hardwiring paths. - Dave [1] http://www.bigfatdave.com/dave/mutt/muttdir/gpg.rc -- Uncle Cosmo, why do they call this a word processor? It's simple, Skyler. You've seen what food processors do to food, right? Please visit this link: http://rotter.net/israel
Attachment:
pgpI4V3GYhMjW.pgp
Description: PGP signature