On the fly encryption of files possible?

Robert J. Hansen rjh at sixdemonbag.org
Tue Jun 29 18:32:46 CEST 2010


On 6/29/2010 10:36 AM, Dirk Walter wrote:
> It would seem like a fairly trivial thing to code

The desired use case is to have a folder on disk where anything written
to that folder will be piped through GnuPG first.  You've already got to
deal with drag and drop, the possibility of multiple applications trying
to get access to the directory, race conditions, resource contentions
(how many GnuPG invocations will be going at once? is there enough
secure memory for them all?), and so on and so on.  You can probably
hack together a userspace solution that kind of works, but to do it
right you really need a kernel driver.

Kernel programming is hard and unforgiving.  Bugs don't crash your
application, they crash your entire operating system.  The pace of
development is excruciatingly slow.  If a userspace program segfaults in
development, I lose a few seconds.  If a kernelspace program segfaults
in development, I have enough time to brew a cup of coffee while I'm
waiting for my OS to reboot.  Multiply this by how many times a program
segfaults during development, and...

Sure, it's only a few thousand lines of C.  But I wouldn't call it
"trivial".  Not in the least.  I can count on one hand the number of
programmers I'd trust to do a good job of this.
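
Added example, not part of the original message and not GnuPG project code: a userspace sweep in Python that addresses two of the concerns named above, several workers racing for the same dropped file (an atomic rename acts as the claim) and a cap on how many GnuPG invocations run at once. The directory layout, MAX_GPG = 2, the placeholder recipient, and the assumption that writers have finished before the sweep runs are all choices made for this example.

```python
import os
import subprocess
import threading
import uuid
from concurrent.futures import ThreadPoolExecutor
from pathlib import Path

MAX_GPG = 2  # assumed cap on simultaneous GnuPG processes
gpg_slots = threading.BoundedSemaphore(MAX_GPG)


def claim(src: Path, work_dir: Path):
    """Move src into work_dir; return the new path, or None if another worker got it first."""
    target = work_dir / f"{uuid.uuid4().hex}-{src.name}"
    try:
        os.rename(src, target)  # atomic when both directories share a filesystem
    except FileNotFoundError:
        return None  # lost the race: the file is already claimed
    return target


def gpg_encrypt(src: Path, dst: Path, recipient: str = "placeholder@example.org"):
    """Encrypt src to dst with the gpg command-line tool (recipient is a placeholder)."""
    subprocess.run(["gpg", "--batch", "--yes", "--recipient", recipient,
                    "--output", str(dst), "--encrypt", str(src)], check=True)


def process(src: Path, work_dir: Path, out_dir: Path, encrypt=gpg_encrypt):
    """Claim one file, encrypt it under the concurrency cap, remove the plaintext copy."""
    claimed = claim(src, work_dir)
    if claimed is None:
        return None
    dst = out_dir / (src.name + ".gpg")
    with gpg_slots:  # never more than MAX_GPG encryptions in flight
        encrypt(claimed, dst)
    claimed.unlink()  # plain unlink: the plaintext already reached the disk
    return dst


def sweep(inbox: Path, work_dir: Path, out_dir: Path, encrypt=gpg_encrypt, workers: int = 8):
    """Encrypt every regular file currently in inbox; return the outputs produced."""
    files = [p for p in sorted(inbox.iterdir()) if p.is_file()]
    with ThreadPoolExecutor(max_workers=workers) as pool:
        results = pool.map(lambda p: process(p, work_dir, out_dir, encrypt), files)
        return [r for r in results if r is not None]
```

Even with the claim and the cap in place, the plaintext is written to disk before it is encrypted, and the sweep cannot tell whether an application is still writing a file.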



