| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4E8B4BEC.5030708@zytor.com> Date: Tue, 04 Oct 2011 11:09:48 -0700 From: "H. Peter Anvin" <hpa@...or.com> To: Greg KH <gregkh@...e.de> CC: Steven Rostedt <rostedt@...dmis.org>, quilt-dev <quilt-dev@...gnu.org>, LKML <linux-kernel@...r.kernel.org>, Peter Zijlstra <a.p.zijlstra@...llo.nl>, Andrew Morton <akpm@...ux-foundation.org>, John Kacur <jkacur@...hat.com>, Andreas Gruenbacher <agruen@...e.de> Subject: Re: [RFC][PATCH v2][QUILT] Add gpg signing to quilt mail On 10/04/2011 11:02 AM, Greg KH wrote: > On Tue, Oct 04, 2011 at 01:46:34PM -0400, Steven Rostedt wrote: >> +my $pgp = `gpg --simple-sk-checksum -a --detach-sign $pass --output - < $tmpfile`; > > Try not to use gpg when calling from scripts, use gpgv instead, it > handles things much better, and sets the return value correctly so you > can check it (which I don't think you do here.) > gpgv is only usable to verify contents (equivalent to gpg --verify). For other things you need to use gpg's --status-fd feature, *or* (perhaps better) run gpgv on the output to verify that you actually got a good signature. -hpa -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists