GNU Pth support

Andrew ``Bass'' Shcheglov andrewbass at gmail.com
Fri Aug 10 14:11:40 CEST 2007


Werner Koch wrote:
>> Is there any advantage building GPG with GNU Pth support?
>>     
>
> You can't build gpg with Pth support.  The GnuPG-2 package however
> requires Pth for several modules (gpg-agent, scdaemon).  Expect more
> modules to take advantage of this.  It is required because these modules
> are running as a server and thus need to be able to handle multiple
> requests.
>   
>> Is it true that without Pth, GPG will operate in a single-threaded mode?
>> (Seems so for me after looking into code, but I may be mistaken.)
>>     
>
> Why should it need to be multi-threaded if it does not act as a server?
>   

Yes, I see.
By GPG I meant not only the utility of the same name,
but rather the whole code bundled with it (incl. modules).

>> Why doesn't GPG have support for the standard POSIX threads (if host OS 
>> does support pthreads)?
>>     
>
> For security reasons.  Getting multi-threaded programs right is a tough
> job.  You can easily find bugs in the majority of multi-threaded
> applications (unless the threads don't need to interact with each
> other).
>
> Pth mitigates the problem as it is a userland thread implementation with
> well defined preemption points (i.e. system calls).  For auditing
> purposes it is better to implement servers using such a userland thread
> model than for example an event/continuation based model.
>   

So, as far as I understand you,
this is just a security concern,
and Pth was a safe choice because performance is not of big essence, right?


Thanks, Werner.

-- 
Andrew ``Bass'' Shcheglov
http://www.2ka.mipt.ru/~bass/
http://www.softlogic.ru/




More information about the Gnupg-devel mailing list