diff options
| -rw-r--r-- | doc/gpg.texi | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/doc/gpg.texi b/doc/gpg.texi index 93abd45cd..748c02da6 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -3360,9 +3360,23 @@ to display the message. This option overrides @option{--set-filename}. @itemx --no-use-embedded-filename @opindex use-embedded-filename Try to create a file with a name as embedded in the data. This can be -a dangerous option as it enables overwriting files. Defaults to no. +a dangerous option as it enables overwriting files by giving the +sender control on how to store files. Defaults to no. Note that the option @option{--output} overrides this option. +A better approach than using this option is to decrypt to a temporary +filename and then rename that file to the embedded file name after +checking that the embedded filename is harmless. When using the +@option{--status-fd} option gpg tells the filename as part of the +PLAINTEXT status message. If the filename is important, the use of +@command{gpgtar} is another option because gpgtar will never overwrite +a file but decrypt the files to a new directory. + +Note also that unless a modern version 5 signature is used the +embedded filename is not part of the signed data. + + + @item --cipher-algo @var{name} @opindex cipher-algo Use @var{name} as cipher algorithm. Running the program with the |