From 5f32b1e43c3a3bbaa7f09441268d4f2217b0ca23 Mon Sep 17 00:00:00 2001
From: Michał Górny <mgorny@gentoo.org>
Date: Sun, 26 Nov 2017 23:23:52 +0100
Subject: openpgp: Use GNUPGHOME for better process isolation

Override GNUPGHOME rather than HOME to isolated GnuPG operations. While
the latter seemed to work fine for isolating the keys, the former
guarantees better isolation, to the point of spawning a separate agent.
---
 gemato/openpgp.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/gemato/openpgp.py b/gemato/openpgp.py
index 83044b6..951ab79 100644
--- a/gemato/openpgp.py
+++ b/gemato/openpgp.py
@@ -14,7 +14,7 @@ import gemato.exceptions
 def _spawn_gpg(options, home, stdin):
     env = None
     if home is not None:
-        env={'HOME': home}
+        env={'GNUPGHOME': home}
 
     try:
         p = subprocess.Popen(['gpg', '--batch'] + options,
-- 
cgit v1.2.3