search

isislovecruft / python-gnupg

A modified version of python-gnupg, including security patches, extensive documentation, and extra features.
Other
424 stars 172 forks source link

os.getresuid() not supported on OSX #21

Closed zemanel closed 10 years ago

zemanel commented 10 years ago

It seems os.getresuid() is currently not supported on OSX:

http://bugs.python.org/msg91837:

getresgid function: needs implementing[1]
[1] Not POSIX but available on Linux, HP/UX, FreeBSD, OpenBSD,
DragonFlyBSD.  Not available on Solaris, AIX, NetBSD, OSX, cygwin.

It is used on the project to:

it would be cool if this could be circumvented, for example dropping agent support on platforms which do not support os.getresuid() so that the rest of the features could be used.

andrejb commented 10 years ago

Maybe the following pullreq solves this issue: https://github.com/isislovecruft/python-gnupg/pull/28.

harobed commented 10 years ago

+1

isislovecruft commented 10 years ago

@zemanel : Thanks for reporting this issue, and all the documentation links. One tiny point of correction: though os.getresuid() is used to find a running gpg-agent for the current euid, in order to support using gpg-agent, it's actually more importantly used to not use a running gpg-agent process if initialised with gnupg.GPG(use_agent=False). All the tricks in the gnupg._meta.GPGMeta metaclass are for hiding the user's pinentry and running gpg-agent process from the running Python interpreter. Otherwise, the Python interpreter and its underlying gnupg binary might try to access the user's actual keyrings, or, even worse, try to use any passphrases or decrypted keys stored in the gpg-agent process!

@andrejb : Thanks for the patches! They were merged and released in 1.2.4.