running gpg from another program

Thomas Roessler roessler at
Fri Feb 5 10:09:14 CET 1999

On Thu, Feb 04, 1999 at 11:07:06PM +0100, Matthias Urlichs wrote:

> > So what's wrong with --passphrase-fd 3

> As I said, it reads one fixed passphrase exactly once, at startup.
> But I might not even know whether I need one at that point.

Another possibility would be to use a simplistic protocol spoken
between gpg and a pass phrase agent or a graphical pass phrase
query program over Unix domain sockets.

It's straight-forward to implement, and there are no security
implications beyond "user and root can get pass-phrase".  But after
all, these "attackers" can also subvert the gpg binary you use, so
there is no serious loss of privacy here.

Thomas Roessler · 74a353cc0b19 · dg1ktr ·
     2048/CE6AC6C1 · 4E 04 F0 BC 72 FF 14 23 44 85 D1 A1 3B B0 73 C1
> Hi!  I'm Signature Virus 99!  Copy me into your signature and join the fun!

More information about the Gnupg-devel mailing list