Wed, 19 Jan 2000 23:50:58 +0100 (MET)
You, Chuck Robey, wrote:
> I know very little yet about security, but could someone please tell me
> what security justification there is for making access to the passphrase
> so difficult?
Because on multi-user systems other methods are easier to compromise the
password: for example, if you could enter it on the command line, a simple
ps -ax would reveal it on many unices.
On the other hand, the fd method is also not 100% secure, on some systems
users can access this information.
Examples on how to use this method in perl scripts exist in the pgp 2.6
documentation. I can mail the relevant parts to you if you're interested.
I have also once implemented this in a C++ program that I can also mail
(the programming is very sloppy compared to my current standards, but the
techniques can be easily copied).
ir. J.C.A. Wevers // Physics and science fiction site:
firstname.lastname@example.org // http://www.xs4all.nl/~johanw/index.html
PGP public keys at http://www.xs4all.nl/~johanw/pgpkeys.html