Encrypting directories

Gordon Worley redbird at mac.com
Tue Jul 1 18:32:02 CEST 2003


Many users have requested that I add directory encryption to 
GPGFileTool, a gpg front-end on OS X for performing cryptographic 
operations on files.  GnuPG doesn't do this itself, but there are many 
ways in which I can wrap up directories into a single file for them.

Initially I thought to tar the directories before encryption/signing 
since this is a very compatible format and on Mac OS X will only cause 
problems for files with resource forks (I plan to eventually add 
support for some other archival format, but I think tar is a good 
start).  The problem is that I can't find a way to use tar without 
writing a file.  I'd like to use pipes, although that probably isn't 
secure, either.

The best that I can come up with so far is to write the archive to disk 
in a special directory in the user's home folder with permissions 700, 
read in the file's data, and then immediately use rm -P to securely 
delete the file.

Any suggestions on better ways to do this would be appreciated.

--
Gordon Worley - Mac GPG Project
http://macgpg.sourceforge.net/              ``Doveriai no proveriai.''
redbird at mac.com                                    --Russian proverb
PGP:  0xBBD3B003





More information about the Gnupg-devel mailing list