Skip Menu |
 

This queue is for tickets about the GnuPG-Interface CPAN distribution.

Report information
The Basics
Id: 116571
Status: open
Priority: 0/
Queue: GnuPG-Interface

People
Owner: Nobody in particular
Requestors: KENTNL [...] cpan.org
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)



Subject: Tries to sign with User Private Key

Midway through running the test suite, I got a PinEntry popup prompting for my password to my GPG Private Key.

I find it somewhat questionable the need to sign things on my behalf without me consciously choosing to so, and I'd generally treat such a thing as a security risk.

Though I suspect this is related to either

a) Having a GPG agent running

b) Having the GPG pinentry mechanism set to a QT based pinentry instead of tty based.

This may also be related to 5.22.3-RC2 Testing, but I don't have enough to go on there.

Download (untitled) / with headers
text/plain 576b
On Fri Jul 29 15:15:34 2016, KENTNL wrote: Show quoted text
> Midway through running the test suite, I got a PinEntry popup > prompting for my > password to my GPG Private Key.
I suspect this is due to your using GnuPG 2.1 and the way the test suite interacts with the agent from that version. It was probably not prompting you for your own gpg private key, but rather for the private key associated with the test suite. This is still a bug, though, and an annoying one. The fixes i've posted to https://rt.cpan.org/Ticket/Display.html?id=102651 should resolve this issue for you, i think.


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.