Package: gnupg-agent Version: 2.1.1-1 Severity: normal I'm using gnupg-agent for both GPG and SSH key management. As a result, I'm often prompted for unlocking a secret key.
The problem however is that I sometimes have *no* idea which process is prompting me, never mind understanding "why". To give you a bad example, imagine using sshfs to mount some paths over the network. A GUI application tries to readdir() a network path, typically due to the "recent" open/save dialog handling, or worse yet during the population of the "Recent" menu items. This results in a prompt out of the blue, which is often worsened by the delay involved (due to connection latencies) in respect to the action that you're performing. As an improvement, the agent should collect the PID/program of the requesting process and show it along with the requested key as an additional cue to the user. AFAIK, when a requesting process is using a unix socket, so we could use getpeerid(3) to find the PID of the connected endpoint. Once the PID is available, reading /proc/ would be an option to find the command line of the requesting process to collect some more information to display to the user, to answer the _REAL_ question "why my key is being used and who is requesting it?". Too bad "why" is still missing. This method shouldn't require cooperation on the requesting process. I consider this a bug of "normal" priority for a key agent, not just a whishlist. My reasoning is that it's currently impossible for a user to determine which process is requesting permission. I was previously unsuccessful in getting an usability patch accepted into pinentry, so I'm trying to get more traction using Debian's BTS. -- System Information: Debian Release: 8.0 APT prefers unstable APT policy: (900, 'unstable'), (800, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages gnupg-agent depends on: ii libassuan0 2.1.2-2 ii libc6 2.19-13 ii libgcrypt20 1.6.2-4+b1 ii libgpg-error0 1.17-3 ii libnpth0 1.0-1 ii libreadline6 6.3-8+b2 ii pinentry-gtk2 [pinentry] 0.8.3-2 Versions of packages gnupg-agent recommends: ii gnupg 1.4.18-6 ii gnupg2 2.1.1-1 gnupg-agent suggests no packages. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org