mirror of
git://git.gnupg.org/gnupg.git
synced 2025-07-03 22:56:33 +02:00
agent: Add option --no-allow-external-cache.
* agent/agent.h (opt): Add field allow_external_cache. * agent/call-pinentry.c (start_pinentry): Act upon new var. * agent/gpg-agent.c (oNoAllowExternalCache): New. (opts): Add option --no-allow-external-cache. (parse_rereadable_options): Set this option. -- Pinentry 0.9.2 may be build with libsecret support and thus an extra checkbox is displayed to allow the user to get passwords out of an libsecret maintained cache. Security aware user may want to avoid this feature and may do this at runtime by enabling this option. Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch
parent
02d5e12054
commit
d7293cb317
5 changed files with 53 additions and 13 deletions
|
|
@ -538,6 +538,9 @@ static gc_option_t gc_options_gpg_agent[] =
|
|||
{ "ignore-cache-for-signing", GC_OPT_FLAG_RUNTIME,
|
||||
GC_LEVEL_BASIC, "gnupg", "do not use the PIN cache when signing",
|
||||
GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
|
||||
{ "no-allow-external-cache", GC_OPT_FLAG_RUNTIME,
|
||||
GC_LEVEL_BASIC, "gnupg", "disallow the use of an external password cache",
|
||||
GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
|
||||
{ "no-allow-mark-trusted", GC_OPT_FLAG_RUNTIME,
|
||||
GC_LEVEL_ADVANCED, "gnupg", "disallow clients to mark keys as \"trusted\"",
|
||||
GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue