2.1.19 testing failures on the debian build daemons

Peter Lebbing peter at digitalbrains.com
Tue Mar 21 22:28:36 CET 2017


I hope my comments help with the perspective. If not, never mind.

On 21/03/17 21:46, Daniel Kahn Gillmor wrote:
>  a) $GNUPGHOME/S.gpg-agent : this might have a particularly long name,
>     one that exceeds sun_path length.

Has this actually ever been an issue for someone? I understand the
problem can be artificially induced, but has anyone ever reported
hitting the limit accidentally?

>  c) anywhere under /tmp : this is not a predictable location that is
>     safe to use, and inherently can't be on most systems where /tmp is
>     shared and world-writable.

What's the problem when it is a sticky directory and you create a
directory with mode 0700 under it? I think OpenSSH's agent uses it.

> If anyone has a suggestion for how to handle this corner case, i'm all
> ears.

If /tmp is safe after all, that seems like a good alternative.

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170321/9161a628/attachment-0001.sig>


More information about the Gnupg-devel mailing list