When outputting arbitrary text to a terminal, as GnuPG does by default, you are risking the exploitationexploitation of your terminal emulator. New vulnerabilities regarding handling of untrusted text being printed are found all the time, and while the most severe vulnerabilities have been weeded out, they are still an issue. One solution would be to pipe the untrusted output through a command that strips non-printing characters. You can use cat -v for this purpose. From section 3.1 of the coreutils GNU Info page:
When outputting arbitrary text to a terminal, as GnuPG does by default, you are risking the exploitation of your terminal emulator. New vulnerabilities regarding handling of untrusted text being printed are found all the time, and while the most severe vulnerabilities have been weeded out, they are still an issue. One solution would be to pipe the untrusted output through a command that strips non-printing characters. You can use cat -v for this purpose. From section 3.1 of the coreutils GNU Info page:
When outputting arbitrary text to a terminal, as GnuPG does by default, you are risking the exploitation of your terminal emulator. New vulnerabilities regarding handling of untrusted text being printed are found all the time, and while the most severe vulnerabilities have been weeded out, they are still an issue. One solution would be to pipe the untrusted output through a command that strips non-printing characters. You can use cat -v for this purpose. From section 3.1 of the coreutils GNU Info page:
- Decrypt messages using an unprivileged, or better yet dedicated, user.
- Strip control codes from decrypted output. Never view raw output with
vim,less, etc. - Keep GnuPG up to date at all times so known vulnerabilities will be patched on your system.
- Use a regularthe virtual terminal and not a terminal emulator. Never use
xtermor related forks. - Use AppArmor or similar on GnuPG. Do not run it under a user with X11 access.
- Decrypt messages using an unprivileged, or better yet dedicated, user.
- Strip control codes from decrypted output. Never view raw output with
vim,less, etc. - Keep GnuPG up to date at all times so known vulnerabilities will be patched on your system.
- Use a regular terminal and not a terminal emulator. Never use
xtermor related forks. - Use AppArmor or similar on GnuPG. Do not run it under a user with X11 access.
- Decrypt messages using an unprivileged, or better yet dedicated, user.
- Strip control codes from decrypted output. Never view raw output with
vim,less, etc. - Keep GnuPG up to date at all times so known vulnerabilities will be patched on your system.
- Use the virtual terminal and not a terminal emulator. Never use
xtermor related forks. - Use AppArmor or similar on GnuPG. Do not run it under a user with X11 access.
A quick search turned up several bad vulnerabilities in GnuPG in the past 10 years:
- CVE-2008-1530 - Memory corruption via duplicate keys from keyservers allowing code execution.
- CVE-2010-2547 - Use-after-free vulnerability in certificate parsing allowing code execution.
- CVE-2013-4242 - Side-channel attack revealing private key information to local processes.
- CVE-2013-4576 - Side-channel attack allowing acoustic cryptanalysis during RSA decryption.
- CVE-2016-6313 - Broken RNG leaking 160 bits of random material, weakening certain key types.
##But what is the actual risk?
##But what is the actual risk?
A quick search turned up several bad vulnerabilities in GnuPG in the past 10 years:
- CVE-2008-1530 - Memory corruption via duplicate keys from keyservers allowing code execution.
- CVE-2010-2547 - Use-after-free vulnerability in certificate parsing allowing code execution.
- CVE-2013-4242 - Side-channel attack revealing private key information to local processes.
- CVE-2013-4576 - Side-channel attack allowing acoustic cryptanalysis during RSA decryption.
- CVE-2016-6313 - Broken RNG leaking 160 bits of random material, weakening certain key types.
##But what is the actual risk?