running gpg from another program
Thomas Roessler
roessler at guug.de
Fri Feb 5 10:09:14 CET 1999
On Thu, Feb 04, 1999 at 11:07:06PM +0100, Matthias Urlichs wrote:

> > So what's wrong with --passphrase-fd 3
> As I said, it reads one fixed passphrase exactly once, at startup.
> But I might not even know whether I need one at that point.

Another possibility would be to use a simplistic protocol spoken
between gpg and a pass phrase agent or a graphical pass phrase
query program over Unix domain sockets.

It's straight-forward to implement, and there are no security
implications beyond "user and root can get pass-phrase". But after
all, these "attackers" can also subvert the gpg binary you use, so
there is no serious loss of privacy here.

tlr
--
Thomas Roessler · 74a353cc0b19 · dg1ktr · http://home.pages.de/~roessler/
2048/CE6AC6C1 · 4E 04 F0 BC 72 FF 14 23 44 85 D1 A1 3B B0 73 C1
> Hi! I'm Signature Virus 99! Copy me into your signature and join the fun!
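
Added example, not part of the original message and not GnuPG code: a sketch of the pass phrase agent idea described above, with the Unix domain socket restricted so that only the owning user (and root) can reach it. The one-line GET/OK/ERR protocol, the agent.sock name and the key id are assumptions made for illustration.

```python
import os, socket, struct, tempfile, threading

def make_listener(sock_dir):
    """Bind agent.sock (hypothetical name) in a directory only its owner can enter."""
    os.chmod(sock_dir, 0o700)
    path = os.path.join(sock_dir, "agent.sock")
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    old = os.umask(0o177)                       # socket file is created mode 0600
    try:
        srv.bind(path)
    finally:
        os.umask(old)
    srv.listen(1)
    return srv, path

def peer_uid(conn):
    if not hasattr(socket, "SO_PEERCRED"):      # Linux-only; elsewhere rely on file modes
        return None
    creds = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, struct.calcsize("3i"))
    return struct.unpack("3i", creds)[1]        # struct ucred is (pid, uid, gid)

def serve_once(srv, ask):
    """Answer one 'GET <keyid>' line, then close the listener; ask() stands in for the dialog."""
    conn, _ = srv.accept()
    with srv, conn, conn.makefile("rb") as rd:
        if peer_uid(conn) not in (None, os.getuid()):
            return conn.sendall(b"ERR denied\n")
        verb, _, keyid = rd.readline(256).decode("utf-8", "replace").strip().partition(" ")
        ok = verb == "GET" and keyid
        conn.sendall((b"OK " + ask(keyid).encode() if ok else b"ERR bad request") + b"\n")

def request_passphrase(path, keyid):
    """Client side: called only at the moment a pass phrase turns out to be needed."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as c:
        c.connect(path)
        c.sendall(f"GET {keyid}\n".encode())
        status, _, value = c.makefile("rb").readline().decode().rstrip("\n").partition(" ")
    if status != "OK":
        raise PermissionError(value)
    return value

def demo():
    with tempfile.TemporaryDirectory() as d:
        srv, path = make_listener(d)
        t = threading.Thread(target=serve_once, args=(srv, lambda k: "constructed-" + k))
        t.start()
        got = request_passphrase(path, "DEADBEEF")   # constructed key id
        t.join()
        return got, os.stat(path).st_mode & 0o777
```

The directory mode, the socket file mode and the peer uid check together give the "user and root" boundary the message refers to.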