scim and pinentry-gtk2
rw at rlworkman.net
Tue Apr 8 20:15:19 CEST 2008
Note: added Eric Hameleers to CC list; please preserve in replies...
Marcus Brinkmann wrote:
> At Wed, 19 Mar 2008 00:02:08 -0500,
> Robby Workman <rw at rlworkman.net> wrote:
>> Marcus Brinkmann wrote:
>>> At Thu, 21 Feb 2008 15:46:02 -0600,
>>> Robby Workman <rw at rlworkman.net> wrote:
>>>> To make a long story short, pinentry-gtk2 doesn't receive keyboard
>>>> input when scim is being used. This has previously been reported
>>>> to both Ubuntu and OpenSuSE, and after scim and friends were recently
>>>> added to Slackware, we're seeing it there.
>>>> Any idea what's at fault?
>>> pinentry grabs the keyboard and the screen by default (there is an
>>> option to switch it off). Maybe scim doesn't work well with that?
>> Hi Marcus,
>> Sorry for the delay - I've unfortunately been short on time lately.
>> Starting gpg-agent with the --no-grab option has no effect.
>> This is quite annoying for users who need alternate input methods,
>> especially scim. Maybe I'm missing something obvious, but here's
>> how it appears to me:
>> 1. Pinentry is a GTK+ app.
>> 2. GTK+ apps can use GTK+ input methods.
>> 3. Rather than using an input method, pinentry grabs the raw input.
>> I understand that there are perhaps security concerns with not
>> grabbing raw input, but surely there's a way to fix this?
>> pinentry-qt handles this just fine, btw...
> If it can be implemented without linking to any more libraries, I
> would suggest a command line option to enable external input methods.
> If more libraries are required, or if there is a slippery slope
> towards more GNOME/Gtk compliance, it might make sense to provide two
> separate versions of pinentry: A hardened version based on the current
> code, and a weakened version that does not make extra efforts to be
> secure, but instead complies to a multitude of GUI standards.
> How does this sound?
I suppose the command line option to pinentry might be acceptable,
but there would need to be some way to specify in gpg-agent that
pinentry should be called with the --scim (or whatever) option.
Perhaps it could check for the presence of the XIM_PROGRAM or
GTK_IM_MODULE environment variables and automatically do the right
Alternatively, a pinentry-scim binary (which could then be specified
in gpg-agent with --pinentry-program) would be acceptable, I suppose.
I know basically nothing about gtk programming, but I must admit that
I find it hard to believe that there's no "correct" way to do this
in gtk without either command line options to pinentry or a special
pinentry binary -- obviously qt provides the ability, so surely gtk
does as well?
More information about the Gnupg-devel