Fwd: security/pinentry-qt5

Matthias Apitz guru at unixarea.de
Sat Feb 22 10:13:56 CET 2020


fyi; maybe it's a change somewhere in GnuPG land?

----- Forwarded message from Matthias Apitz <guru at unixarea.de> -----

Date: Sat, 22 Feb 2020 10:11:20 +0100
From: Matthias Apitz <guru at unixarea.de>
To: jhale at FreeBSD.org, freebsd-ports at freebsd.org
Subject: security/pinentry-qt5


Hello,

I use security/pinentry-qt5 in KDE5 on FreeBSD CURRENT (all from SVN
HEAD, compiled by my own, ports with poudriere on February, 11).

security/pinentry-qt5 is used to unlock my OpenPGP card. In the past the
pinentry-qt5 pop-up window have had automatically the focus, now the
focus stays in the terminal window from one starts, for example, the SSH
session und the PIN goes into the terminal window, visible to all and is
executed as command on the remoe host and then there in the bash
history. This is highly a security risk!

Any idea how to avoid this or what triggered this change of behaviour?

Thanks

	matthias 
_______________________________________________
freebsd-ports at freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscribe at freebsd.org"

----- End forwarded message -----

-- 
Matthias Apitz, ✉ guru at unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub
May, 9: Спаси́бо освободители! Thank you very much, Russian liberators!



More information about the Gnupg-users mailing list