On Friday 21 February 2014 13:04:34 Richard W.M. Jones wrote:
On Fri, Feb 21, 2014 at 01:50:30PM +0100, Pino Toscano wrote:
> On Friday 21 February 2014 11:10:54 Richard W.M. Jones wrote:
> > On Thu, Feb 20, 2014 at 11:53:17AM +0100, Pino Toscano wrote:
> > > Create a temporary directory and tell gpg to use it as homedir,
> > > so
> > > imported keys do not get into the user's keyring. This also
> > > avoid
> > > importing the default key when a different one is needed to
> > > check
> > > the
> > > signature.
> > >
> > > The only exception is when a non-default fingerprint is used: in
> > > this
> > > case, that key is read from the user's keyring, since it is
> > > where it
> > > is.
> >
> > The mkdtemp part is fine. You could spin that off into a separate
> > commit, so it could be a candidate for backporting.
>
> Hm but it would not be used by anything else so far, so not sure
> what
> would the backport of it actually do.
Just thinking that we might use the mkdtemp binding somewhere else.
sysprep/sysprep_operation_script.ml is one candidate.
Sounds good then; do I better put the mkdtemp binding in mllib, then?
> > The rest I found a bit confusing. What does it do
exactly?
>
> The idea is to use a disposable keyring for each Sigchecker.t, so
> imported keys used for checking won't be imported directly into the
> user's keyring. The "exception" would be when asking to use a
> fingerprint different than the default one, which would be taken
> from
> the user's keyring.
>
> Currently it does not make much difference, since the only key not
> in
> user's keyring would be only the default one. In the future,
> external
> keys stored in own files would be imported in each Sigchecker.t, so
> not tampering the user's keyring.
> The current patch is a small step in that direction (the rest is
> basically almost done).
>
> I'm not sure what is confusing in the patch though...
OK, I see.
ACK.
Will split and push.
Thanks,
--
Pino Toscano