Injecting Status-fd output
patrick at mozilla-enigmail.org
Thu Mar 8 16:16:04 CET 2007
Nicholas Cole wrote:
> On 3/8/07, Patrick Brunschwig <patrick at mozilla-enigmail.org> wrote:
>> In Enigmail I read it on a separate file descriptor, and check the
>> results at the end of the process, before displaying the data to the
>> user. This way, I can count the number of PLAINTEXT occurrences, and if
>> needed I can split the output according to the PLAINTEXT_LENGTH fields
>> (at least I hope that this is reliable information).
> The problem being, though, that many situations do not produce a
> PLAINTEXT_LENGTH field. How do you cope with that?
In this case I warn the user about multiple plain texts. There is
nothing else I could do.
Unfortunately, the architecture of Mozilla doesn't allow me to read bit
by bit (i.e. first read status message, then wait for text on stdout,
then wait for next status message etc.). From this point of view using
stdout for both status-fd and decrypted text would seem to be more
advantageous -- but my fear for injected [GNUPG:] lines is too big for
this. If you use stdout, you can very easily pretend e.g. valid
signature status messages, so I *really* don't consider this desirable,
and I would be very careful with this approach.
A few simple lines that look like normal gpg status output would be
sufficient to trick you ...
More information about the Gnupg-devel