On Thu, 17 May 2018 13:11, roman.fied...@ait.ac.at said:

> How could that work together with the memory based "wipe" approach, you
> envisioned in your message
> https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060379.html , last
> paragraph?

That is a different layer.  Basically a part of a MUA.  That feature
would be a safety net in case the actual MUA part does not check return
codes from GPGME.  GPGME has several types of data objects

 - Memory based
 - File based
 - File descriptor based
 - Callback based

For the first two we can clear the memory or delete the file in case of
an error and before we return to the caller.  It is actually a bit
complicated to implement because gpgme allows for synchronous and
asynchronous operation and for the latter we do not yet have a way to
associate the data object with the context.

> Would that imply, that using e.g. "--output /proc/self/3" would
> implicitly change the security behavior of gpg, e.g. by switching from
> "output before validation" model to "validation before output" model

No, gpg has no idea about this.  It is only aware whether it is working
on a named file or on a file descriptor (which also includes a pipe).


Shalom-Salam,

   Werner

-- 
#  Please read: Daniel Ellsberg - The Doomsday Machine
#  Thoughts are free.  Exceptions are regulated by a federal law.
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users