Security Vulnerability: Faulty GPG Signature Checking
Mark Gardner
mkg at vt.edu
Thu Jun 14 23:11:30 CEST 2018
On Thu, Jun 14, 2018 at 19:49:56 +0200, Tobias Girstmair wrote:
> *simple* bash scripts I've found are either trivial or
> {fragile,wrong,buggy,insecure}. Again, I'd support C (or anything widely
> supported) for pass 2.0
Lately I have switched all my C hacking over to Golang (Go). While pass
would need to be compiled individually for each platform, it would keep
portability, including Windows. We should seriously consider re-writing
pass in Go.
Another consideration is that Go doesn't use shared libraries which makes a
compiled Go program easily moved across different distributions within the
same platform by simply copying the executable.
BR,
Mark
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20180614/80235607/attachment.html>
More information about the Password-Store
mailing list