Agent socket security model documentation

Penn Mackintosh penn at pennmack.co.uk
Tue Aug 19 13:42:37 CEST 2025


Hi,

Is there any documentation on the correct agent sockets to expose for 
different levels of trust?

All I could find are these two:

  * https://wiki.gnupg.org/AgentForwarding
    > The extra socket is more restricted than the normal socket and
    > Pinentry messages will differ when gpg-agent is accessed over this
    > socket
  * https://www.gnupg.org/documentation/manuals/gnupg/Agent-Options.html
    > The intended use for this extra socket is to set up a Unix domain
    > socket forwarding from a remote machine to this socket on the local
    > machine. A gpg running on the remote machine may then connect to the
    > local gpg-agent and use its private keys. This enables decrypting or
    > signing data on a remote machine without exposing the private keys
    > to the remote machine.

It might be good to have some documentation on this front, so that 
people who want to share their GPG agent sockets in new ways can do this 
safely. For example it is non-obvious that code execution can be 
triggered on some systems via S.gpg-agent but not via S.gpg-agent.extra.

Unfortunately I'm not well enough acquainted with GPG to write 
comprehensive documentation myself, but I'd probably start with a 
description of how much trust and power is assigned to each socket, 
perhaps with some examples.

Cheers,
Penn

-- 
Penn Mackintosh (he/him)
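As an added example (not part of Penn's message and not GnuPG's own tooling), a POSIX shell helper that classifies a gpg-agent socket by its file name and only emits the ssh RemoteForward line when the local side is the restricted S.gpg-agent.extra socket, so the full-trust S.gpg-agent is never forwarded by mistake. `gpgconf --list-dirs` is a real GnuPG command; the fallback paths are constructed placeholders, and the assumption that the remote host uses the same socket layout as the local one is the script's own.

```shell
#!/bin/sh
# Added example: guard the documented forwarding pattern so that only the
# restricted extra socket leaves the local machine.

# socket_kind PATH -> prints extra|browser|ssh|standard|unknown
socket_kind() {
  case "$(basename "$1")" in
    S.gpg-agent.extra)   echo extra ;;
    S.gpg-agent.browser) echo browser ;;
    S.gpg-agent.ssh)     echo ssh ;;
    S.gpg-agent)         echo standard ;;
    *)                   echo unknown ;;
  esac
}

# forward_line LOCAL_SOCKET REMOTE_SOCKET
# Prints a "RemoteForward REMOTE LOCAL" line for ~/.ssh/config, or fails
# with a message on stderr when LOCAL_SOCKET is not the extra socket.
forward_line() {
  local_sock=$1
  remote_sock=$2
  if [ "$(socket_kind "$local_sock")" != extra ]; then
    echo "refusing to forward $local_sock: only S.gpg-agent.extra should leave this host" >&2
    return 1
  fi
  # gpg on the remote host talks to its own standard socket path, so the
  # restricted local socket is mapped onto the remote S.gpg-agent name.
  printf 'RemoteForward %s %s\n' "$remote_sock" "$local_sock"
}

# Resolve the real local paths with gpgconf when it is installed; otherwise
# fall back to constructed placeholder paths. Assumption: the remote host
# places its sockets under the same directory as the local one.
if command -v gpgconf >/dev/null 2>&1; then
  LOCAL_EXTRA=$(gpgconf --list-dirs agent-extra-socket)
  REMOTE_STD=$(gpgconf --list-dirs agent-socket)
else
  LOCAL_EXTRA=/run/user/1000/gnupg/S.gpg-agent.extra
  REMOTE_STD=/run/user/1000/gnupg/S.gpg-agent
fi

forward_line "$LOCAL_EXTRA" "$REMOTE_STD"
```

Passing the standard socket as the local side makes `forward_line` fail instead of printing a directive, which is the check worth keeping in any wrapper script that sets up agent forwarding.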
