pinentry's new window titles could be more (less?) informative
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Thu Sep 28 13:06:02 CEST 2017
I've been playing with pinentry's master branch -- i really like the
idea of showing some information about the process that's invoking
gpg-agent in the title bar, to the extent that pinentry can infer it
from the system's introspection mechanisms.
however, the information shown usually isn't meaningful to the end user,
because it shows some complex gpg command line generated either by gpgme
or by the actual user-facing tool's understanding of how to invoke gpg.
Here's a recent example of a window title:
@alice (/usr/bin/gpg --charset utf-8 --display-charset utf-8 --use-agent --batch --no-tty --status-fd 2 -a -t --encrypt --sign --trust-model always --encrypt-to 0x0EE5BE979282D80B9F7540F1CCD2E
(i recognize that this is truncated, but i haven't done the legwork to
figure out where it's being truncated -- maybe xwininfo doesn't believe
that a window title could be this long?)
At any rate, normal humans don't want to see all that :P
What the normal user in the above scenario would probably want to see is
something more like:
thunderbird on alice (process 2504)
thunderbird on alice
or maybe even just:
and only show the "on alice" host information if the invoking program is
not on the same host as the agent.
I grant that just using the title "thunderbird" will confuse people even
more about the pinentry window -- it's not actually a thunderbird
window! The bug reports will be confused! If we want to make it a
little bit clearer, then we could show something like:
thunderbird invoking gpg
gpg from thunderbird
As for where we get this information from, i'm imagining that the logic
* if the invoking program is not from the GnuPG suite, just show the
invoking program (we can deal with those things later, though i don't
know how many non-GnuPG tools talk to gpg-agent directly -- i only
know of agent-transfer, which i wrote).
* otherwise, look at the parent process of the invoking program.
* if the parent process is pid 1, show the details of the invoking
* otherwise, show the details of the parent process.
What do folks think?
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 832 bytes
Desc: not available
More information about the Gnupg-devel