I mean, most users don't root-install, but anyway the GUI application can drop a different age binary higher on the user's PATH. Or change their shell. Or a million other things.
There really isn't a point to defending against code running unsandboxed on a single-user machine.
I password protect my key for the sole threat model of me physically losing my device. I am aware that all other threat models that involve someone taking remote control of my device are not fully protected against, but it at least requires significantly more effort on their part versus just doing a scan for private keys on the file system.
FiloSottile|4 years ago
There really isn't a point to defending against code running unsandboxed on a single-user machine.
ulrikrasmussen|4 years ago
jeremyw|4 years ago