Re: [PATCH 1/1] verify-tag/verify-commit should exit unsuccessfully when signature is not trusted

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Aug 09, 2018 at 11:40:27AM -0700, Junio C Hamano wrote:

> Jeff King <peff@xxxxxxxx> writes:
> 
> > I guess leaving it serves as a sort of cross-check if gpg would return a
> > zero exit code but indicate in the status result that the signature was
> > not good. Sort of a belt-and-suspenders, I guess (which might not be
> > that implausible if we think about somebody wrapping gpg with a sloppy
> > bit of shell code that loses the exit code -- it's their fault, but it
> > might be nice for us to err on the conservative side).
> 
> OK, this time a real log message.
> 
> -- >8 --
> Subject: [PATCH] gpg-interface: propagate exit status from gpg back to the callers
> [...]

Thanks, the explanation and the patch look good to me.

I'm on the fence over whether a follow-up patch to take away the "U" is
worth it. In practice the code should never trigger either way, since
gpg would already have exited non-zero in such a case.

-Peff



[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux