Re: Fix needed for communication with gpg-agent

[Chong Yidong]

Richard Stallman <address@hidden> writes:

> It should not be hard to program Emacs to turn off the signal handler
> for tty input while it calls gpg.  That way, Emacs won't notice there
> is any input, and won't read any.
>
> This could be a new function made as a variant of call-process.
>
> Would this solve the problem?

I think you're assuming that Emacs calls gpg as a synchronous process:
i.e. call gpg, turn off tty input, wait for gpg to finish, restore tty
input.  The way the PGG code is currently set up, Emacs calls gpg as
an asynchronous process, and uses process-send-string to send gpg the
input text that we want to encrypt.

One reason to avoid call-process is that it communicates with
processes using a tempfile, which is a genuine security hole.

So for your suggestion to work, we would have to (i) create a new
built-in function similar to call-process, (ii) change it to use a pty
rather than a tempfile, (iii) make it turn off the Emacs tty signal
handler input while the process is running, (iv) find some way to
prevent Emacs from re-drawing the terminal screen while the process is
running, and (v) re-write pgg-gpg.el to use this built-in function,
which will require a revamp of its existing logic.

Or, we could recommend using X.