Fix policy example in split-gpg

Merge branch 'pr-1398'
This commit is contained in:
unman 2024-05-03 15:21:15 +00:00
commit fe9d993a90
No known key found for this signature in database
GPG Key ID: BB52274595B71262

View File

@ -140,10 +140,10 @@ work-email work-gpg allow
where `work-email` is the Thunderbird + Enigmail app qube and `work-gpg` contains your GPG keys. where `work-email` is the Thunderbird + Enigmail app qube and `work-gpg` contains your GPG keys.
You may also edit the qrexec policy file for Split GPG in order to tell Qubes your default gpg vm (qrexec prompts will appear with the gpg vm preselected as the target, instead of the user needing to type a name in manually). To do this, append `,default_target=<vmname>` to `ask` in `/etc/qubes-rpc/policy/qubes.Gpg`. For the examples given on this page: You may also edit the qrexec policy file for Split GPG in order to tell Qubes your default gpg vm (qrexec prompts will appear with the gpg vm preselected as the target, instead of the user needing to type a name in manually). To do this, append `default_target=<vmname>` to `ask` in `/etc/qubes-rpc/policy/qubes.Gpg`. For the examples given on this page:
``` ```
@anyvm @anyvm ask,default_target=work-gpg @anyvm @anyvm ask default_target=work-gpg
``` ```
Note that, because this makes it easier to accept Split GPG's qrexec authorization prompts, it may decrease security if the user is not careful in reviewing presented prompts. This may also be inadvisable if there are multiple app qubes with Split GPG set up. Note that, because this makes it easier to accept Split GPG's qrexec authorization prompts, it may decrease security if the user is not careful in reviewing presented prompts. This may also be inadvisable if there are multiple app qubes with Split GPG set up.