Python bindings HOWTO proof reader request
Ben McGinnes
ben at adversary.org
Fri Mar 16 15:23:27 CET 2018
On Thu, Mar 15, 2018 at 05:09:19PM +0100, Jakub Wilk wrote:
> * Ben McGinnes <ben at adversary.org>, 2018-03-16, 00:00:
> > https://files.gnupg.net/file/data/ossmg4ung2hcpyyuks6j/PHID-FILE-xgbofmytge7fzn3u5kuc/GPGMEpythonHOWTOen.org
>
> I had a superficial look at this:
>
> > later version) and the GNU Lesser Public License version 2.1 (or
>
> Common misspelling of the license name. Should be:
> GNU Lesser *General* Public License
Nice catch and since I copied and pasted from elsewhere in the project
I'll also go fix those too.
> > strongly anticipated (e.g selecting and encrypting to a key known
>
> Missing full stop after "g".
Another nice catch, I'll also doube check any "i.e." instances for the
same sort of thing.
> > afile = open("secret_plans.txt.asc", "wb")
> > afile.write(cipher.read())
> > afile.close()
>
> More idiomatic and with better error handling:
>
> with open("secret_plans.txt.asc", "wb") as afile:
> afile.write(cipher.read())
Good call. Justus had a number of similar suggestions which I already
replied to and I'll be updating those as well as pretty much entirely
replacing the first encryption example and the decryption example.
> > c.home_dir = "/tmp/dmgpg"
>
> Looks like insecure use of /tmp.
Probably. What I left out was that I'd chmodded the temp directory to
700 and it was going to be removed after running the examples. In
fact, it already has been (though I did archive Danger Mouse's key,
just in case).
Regards,
Ben
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20180317/16e8b212/attachment.sig>
More information about the Gnupg-devel
mailing list