On Wed, Jun 24, 2009 at 12:28 PM, Daniel Kahn Gillmor<d...@fifthhorseman.net> wrote: > On 06/24/2009 11:06 AM, Brian Mearns wrote: >> GPGME just invokes gnupg in a subshell, right? And parses the >> response? Not that this won't work, it just seems so inelegant. > > Communicating a well-defined syntax across a process boundary doesn't > need to be inelegant. There are many good implementations of various > tools that take advantage of the natural segmentation that the OS > provides via distinct processes. > > One advantage for gnupg, for example, is that secret key material is > never loaded directly into the memory of the parent process, so it > cannot be copied or tampered with from there. > > This is not to say that the GPGME arrangement is perfect, just that the > process separation model itself isn't inherently a bad one. [clipped]
Perhaps inelegant was a little off the mark: how about inefficient? The program has already done all this work to create data structs and other binary data out of keys, and passphrases, and packets, and whatnot, and now it has to convert them into ASCII and send them to another program, just so that program can parse it all and turn it back into data structs and stuff. There's this whole long step in the middle that is essentially like climbing a set of stairs, then walking back down. The other thing that bothers me is that as a programmer, I know a well written program shouldn't be too difficult to abstract into a library. The fact that gnupg has been around so long and so many people have expressed interest in a library, and yet there remains no library...makes me question whether this is a philosophical decision that a library is unnecessary, or the program is actually implemented in an ugly and convoluted way, making the prospect of turning it into a library daunting. -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
