diff options
| author | Werner Koch <[email protected]> | 2024-02-05 07:35:16 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2024-02-05 07:42:56 +0000 |
| commit | e5f24218fcd8a3e59ed638a27b85d7b9c1295d4c (patch) | |
| tree | 5ba6a54cb4e904ddb06f8d2834a8f8bae8e8e337 /doc/gpg.texi | |
| parent | gpgsm: Increase salt size in pkcs#12 parser. (diff) | |
| download | gnupg-e5f24218fcd8a3e59ed638a27b85d7b9c1295d4c.tar.gz gnupg-e5f24218fcd8a3e59ed638a27b85d7b9c1295d4c.zip | |
doc: Improve warning for --use-embedded-filename.
--
GnuPG-bug-id: 6972
Diffstat (limited to 'doc/gpg.texi')
| -rw-r--r-- | doc/gpg.texi | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/doc/gpg.texi b/doc/gpg.texi index 93abd45cd..748c02da6 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -3360,9 +3360,23 @@ to display the message. This option overrides @option{--set-filename}. @itemx --no-use-embedded-filename @opindex use-embedded-filename Try to create a file with a name as embedded in the data. This can be -a dangerous option as it enables overwriting files. Defaults to no. +a dangerous option as it enables overwriting files by giving the +sender control on how to store files. Defaults to no. Note that the option @option{--output} overrides this option. +A better approach than using this option is to decrypt to a temporary +filename and then rename that file to the embedded file name after +checking that the embedded filename is harmless. When using the +@option{--status-fd} option gpg tells the filename as part of the +PLAINTEXT status message. If the filename is important, the use of +@command{gpgtar} is another option because gpgtar will never overwrite +a file but decrypt the files to a new directory. + +Note also that unless a modern version 5 signature is used the +embedded filename is not part of the signed data. + + + @item --cipher-algo @var{name} @opindex cipher-algo Use @var{name} as cipher algorithm. Running the program with the |