xdg-desktop-portal icon indicating copy to clipboard operation
xdg-desktop-portal copied to clipboard

Published 20 hours ago verified publisher icon flatpak

Portal for GPG encryption/decryption

Open AdrianKoshka opened this issue 6 years ago • 7 comments

Heyo, I recently made Thunderbird available as a fatpak on flathub, but right now Enigmail/GnuPG functionality doesn't work. I don't want to expose the entire gpg directory, keys and all, to applications for it though if possible.

AdrianKoshka avatar Apr 03 '18 21:04 AdrianKoshka

That would be awesome! I need this in order to encrypt some sensitive data using a private/public key. Currently, I had to give the application a full access to ~.gnupg directory, which is not a good solution at all...

bilelmoussaoui avatar Oct 03 '18 18:10 bilelmoussaoui

Same issue while trying to do a variety of tasks in emacs, signing commits, read a password from a encrypted file, etc.

A6GibKm avatar May 11 '19 01:05 A6GibKm

To make progress here I'd say an application that relies on this needs to write out its API needs (and ideally make an implementation).

TingPing avatar May 14 '19 02:05 TingPing

seems nobody has suggested to use the Seahorse API just yet, but it may be worth a shot.

muelli avatar May 04 '21 11:05 muelli

--socket=gpg-agent was added with flatpak/flatpak#4958 in version 1.14.0.

RomanRiabenko avatar Feb 26 '23 13:02 RomanRiabenko

I don't believe that invalidates this issue. gpg-socket is a sandbox bypass and not a portal.

TingPing avatar Feb 27 '23 02:02 TingPing

@TingPing does the agent leak secret material to sandbox though? If not, the difference isn't that big.

nanonyme avatar Oct 20 '23 08:10 nanonyme