From 661a2ca160c5f34b463385e34df8b6abcb9efb87 Mon Sep 17 00:00:00 2001 From: Ludovic Bellier Date: Sun, 28 Apr 2024 09:32:24 +0000 Subject: [PATCH] Fix action/options policy separator --- user/security-in-qubes/split-gpg.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/user/security-in-qubes/split-gpg.md b/user/security-in-qubes/split-gpg.md index a10ca40f..8335d9e6 100644 --- a/user/security-in-qubes/split-gpg.md +++ b/user/security-in-qubes/split-gpg.md @@ -140,10 +140,10 @@ work-email work-gpg allow where `work-email` is the Thunderbird + Enigmail app qube and `work-gpg` contains your GPG keys. -You may also edit the qrexec policy file for Split GPG in order to tell Qubes your default gpg vm (qrexec prompts will appear with the gpg vm preselected as the target, instead of the user needing to type a name in manually). To do this, append `,default_target=` to `ask` in `/etc/qubes-rpc/policy/qubes.Gpg`. For the examples given on this page: +You may also edit the qrexec policy file for Split GPG in order to tell Qubes your default gpg vm (qrexec prompts will appear with the gpg vm preselected as the target, instead of the user needing to type a name in manually). To do this, append `default_target=` to `ask` in `/etc/qubes-rpc/policy/qubes.Gpg`. For the examples given on this page: ``` -@anyvm @anyvm ask,default_target=work-gpg +@anyvm @anyvm ask default_target=work-gpg ``` Note that, because this makes it easier to accept Split GPG's qrexec authorization prompts, it may decrease security if the user is not careful in reviewing presented prompts. This may also be inadvisable if there are multiple app qubes with Split GPG set up.