GPG agent for W32
Timo Schulz
twoaday at freakmail.de
Mon May 14 17:27:01 CEST 2001
On Mon May 14 2001, Ingo Luetkebohle wrote:
> On Sun, May 13, 2001 at 09:16:37PM +0200, Timo Schulz wrote:
> > Perhaps somebody knows a better solution, then please let me know ;-).
>
> What about using encryption on the connection and storing the secret
> in a well-known file that only the user can read? Encryption code is
> already available, the method will work on all operating systems and
> it should be trivial to implement.
>
> Of course, on Win9x the file protection isn't that good but then,
> anyone using Win9x and expecting security can't really be helped. Its
> still better than nothing as most of the network attacks are defeated.
This is complicated because all clients also have to include the
crypto code to retrieve the passphrase. I am not sure if encryption
is the solution for the problem. The main problem is, that anybody
on the local machine can read the socket. And like you said W9x doesn't
have any file permissions.
I also tried to use pipes and store the file descriptors in the agent
variable, this prevents most of the network attacks. But people can still
read the pipe to get the passphrase :-(.
Does anybody know how other W32 passphrase caching programs are working?
Timo
--
Two-a-Day at WinPT.org keyid BF3DF9B4 http://www.WinPT.org
More information about the Gnupg-devel
mailing list