On Tue 09.09.08 15:01, Daniel Kahn Gillmor wrote: - snip - > * when the key was finally created, it populated ~/.irssi/otr/otr.key > with the raw key material. (the ~/.irssi/otr directory should > probably be created with mode 0700, btw).
Yeah I'll change the permissions. - snip - > If irssi crashes during this (lengthy) window, or if there's a power > failure, or whatever, it looks like all the previous private key > material will be destroyed permanently. The whole key generation process is total crap and what you're saying is right but unfortunately there isn't much I can do about it because it's all done by libotr. I did talk to the libotr guys about it and libotr4, while being better in many regards, will also have a better key generation API. > Since these are potentially > important credentials, it seems like it would be better for the OTR > plugin to modify the keyfile only *after* it completes the keygen. > And ideally, the operation would be an atomic one (create a new file, > and mv it into place?), to eliminate the window of possible failure. A possibility might indeed be to tell libotr to use a different filename and to move the file once libotr finishes. Uli -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
