<html><head></head><body><div style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:13px;"><div style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:13px;"><div></div>
<div><div style="font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;">Dear Ben,</div><div style="font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;"><br clear="none"></div><div style="font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;">I am the maintainer of the python-gnupg package. This section about it in your HOWTO is, I believe, incorrect: "Unfortunately it has been beset by a number of security issues, most of which stemmed from using unsafe methods of accessing the command line via the subprocess calls."</div><div style="font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;"><br clear="none"></div><div style="font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;">At one time this was true - the subprocess calls in early versions were made with shell=True and therefore subject to injection attacks. However, this has not been the case for quite some time - subprocess is currently called with shell=False and not (as far as I know) insecure in the way you describe.</div><div style="font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;"><br clear="none"></div><div style="font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;">You also say "most of which stemmed from using unsafe methods of accessing the command line" - what were the *other* security issues, and where were they raised / who raised them? Obviously, I want to ensure that python-gnupg has no avoidable security issues, so your feedback would be helpful in achieving this. I would also be grateful if you updated your HOWTO to remove the inaccuracy about python-gnupg.</div><div style="font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;"><br clear="none"></div><div style="font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;">Regards,</div><div style="font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;"><br clear="none"></div><div style="font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;">Vinay Sajip</div></div><div><span style="color: rgb(38, 40, 42);">-------------------------------------------------------------</span></div><div><span style="color: rgb(38, 40, 42);">Date: Fri, 16 Mar 2018 00:00:49 +1100</span><br></div></div><div id="ydp9d499b31yahoo_quoted_2286926053" class="ydp9d499b31yahoo_quoted"><div style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:13px;color:#26282a;"><div><div dir="ltr">From: Ben McGinnes <<a href="mailto:ben@adversary.org" rel="nofollow" target="_blank">ben@adversary.org</a>><br></div><div dir="ltr">To: <a href="mailto:gnupg-devel@gnupg.org" rel="nofollow" target="_blank">gnupg-devel@gnupg.org</a><br></div><div dir="ltr">Subject: Python bindings HOWTO proof reader request<br></div><div dir="ltr">Message-ID: <<a href="mailto:20180315130049.4sc54dk3zgvmlalq@adversary.org" rel="nofollow" target="_blank">20180315130049.4sc54dk3zgvmlalq@adversary.org</a>><br></div><div dir="ltr">Content-Type: text/plain; charset="us-ascii"<br></div><div dir="ltr"><br></div><div dir="ltr">Hello,<br></div><div dir="ltr"> The major work on a HOWTO for the Python bindings is done, but<br></div><div dir="ltr">I'd appreciate some fresh eyes proof reading it before I merge it with<br></div><div dir="ltr">master. The full thing, in org-mode format,is here:<br></div><div dir="ltr"><br></div><div dir="ltr"><a href="https://files.gnupg.net/file/data/ossmg4ung2hcpyyuks6j/PHID-FILE-xgbofmytge7fzn3u5kuc/GPGMEpythonHOWTOen.org" rel="nofollow" target="_blank">https://files.gnupg.net/file/data/ossmg4ung2hcpyyuks6j/PHID-FILE-xgbofmytge7fzn3u5kuc/GPGMEpythonHOWTOen.org</a><br></div><div dir="ltr"><br></div><div dir="ltr">Don't worry about dialectic differences between American English and<br></div><div dir="ltr">Australian or British English, I'll do a translation for en-US later.<br></div><div dir="ltr"><br></div><div dir="ltr">Also don't worry about the lack of instructions on revoking UIDs or<br></div><div dir="ltr">keys, that will be added later too.<br></div><div dir="ltr"><br></div><div dir="ltr">I'm more interested in being sure that the example code works (it<br></div><div dir="ltr">should, I was running it as I was writing the thing) and that the<br></div><div dir="ltr">corresponding text descriptions actually help to clarify what's going<br></div><div dir="ltr">on in that code.<br></div><div dir="ltr"><br></div><div dir="ltr"><br></div><div dir="ltr">Regards,<br></div><div dir="ltr">Ben<br></div><div dir="ltr">-------------- next part --------------<br></div><div dir="ltr">A non-text attachment was scrubbed...<br></div><div dir="ltr">Name: signature.asc<br></div><div dir="ltr">Type: application/pgp-signature<br></div><div dir="ltr">Size: 228 bytes<br></div><div dir="ltr">Desc: not available<br></div><div dir="ltr">URL: <<a href="https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20180316/26b50906/attachment-0001.sig" rel="nofollow" target="_blank">https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20180316/26b50906/attachment-0001.sig</a>><br></div><div dir="ltr"><br></div><div dir="ltr"><br></div></div>
</div>
</div></div></body></html>