missing documentation / rant

Oyvind A. Holm sunny@sunbase.org
Sat Mar 9 22:07:03 2002


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2002-03-09 15:02 Martin Blais wrote:
> another big one (for me and other friends): the default behaviour for
> "gpg file.gpg" is to decrypt to a file "file", and apart from asking
> for the passphrase it doesn't say it has output the PLAINTEXT to a
> FILE. the user that is not careful might forget or not know that is
> unencrypted document lies in the filesystem! that is a big problem!
> IMHO that should not be the default behaviour, the default, just as
> for input, should be that it outputs to stdout, just like --decrypt
> does, and that using --decrypt should output to a file (plus we
> should get a message that says so, every functionality that write
> unencrypted data to the filesystem should warn the user).

This can easily be avoided by using

    gpg <file.gpg

The output will then be sent to stdout. IMHO the current behaviour of
GnuPG is correct. When specifying a file directly, GPG behaves the
similar way -- creating a file. This is the de facto way of doing
things in UNIX and I don't think that should be changed. Another
question is whether it should be changed on DOSish systems, as the
stdin/stdout thing is pretty unfamiliar in the DOS (aka windows) world.
But then it's a Bad Thing to make a program work differently in
different environments. That would lead to more trouble than it's
worth.

Talking about stdin/stdout... I have to mention the horrible behaviour
by PGP 6.x. When I get encrypted mail, most of the time as armoured
text, I mark the text in my editor (joe) and filter it through GnuPG.
Works fine. One day I tried doing the same using PGP. It read from
stdin, but it did not send the output to stdout, instead it created a
file called "stdin" or something like that in the current directory
where i started my mail program. I must say I was shocked by this. I'd
_never_ think such a widespread program could have serious flaws like
this. If i remember correctly, one have to specify an option (-f or
something) to make PGP use stdin/stdout, but I still call it a flaw. If
it doesn't print to stdout, it should neither read from stdin. Indeed
PGP acts like a strange bird in an UNIX environment.

Regards,
=D8yvind

+-------------------------------------------------------------------+
| OpenPGP: 0x629022EB 2002-02-24 =D8yvind A. Holm <sunny@sunbase.org> |
| Fingerprint: DBE9 8D44 67F7 42AC 2CA1  7651 724E 9D53 6290 22EB   |
+------------- Nostalgien er ikke hva den engang var. --------------+

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)

iD8DBQE8injqck6dU2KQIusRAtKpAJ9gfO/XcS9dXtKsImQyHN+TBwqNPACgpU7q
BPIxa3uH1MeC0TOxlY77ii8=3D
=3Ds1Ae
-----END PGP SIGNATURE-----