mirror of
https://github.com/gopasspw/gopass.git
synced 2025-12-08 19:24:54 +00:00
dc295b9ae1
This PR adds a new attempt at validating recipients files to prevent malicious actors from updating them and tricking users into sharing their new and updated secrets with a wider-than-inteded audience. This includes two new config options (`recipients.hash` and `recipients.check`) and one new command `gopass recipients ack` to update the hash after validating it's content. Fixes #2478 RELEASE_NOTES=[ENHANCEMENT] Add recipients hash checking. Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org>
