dshaw at jabberwocky.com
Tue Jul 1 21:07:01 CEST 2003
-----BEGIN PGP SIGNED MESSAGE-----
On Tue, Jul 01, 2003 at 11:33:40AM -0400, Gordon Worley wrote:
> Many users have requested that I add directory encryption to
> GPGFileTool, a gpg front-end on OS X for performing cryptographic
> operations on files. GnuPG doesn't do this itself, but there are many
> ways in which I can wrap up directories into a single file for them.
> Initially I thought to tar the directories before encryption/signing
> since this is a very compatible format and on Mac OS X will only cause
> problems for files with resource forks (I plan to eventually add
> support for some other archival format, but I think tar is a good
> start). The problem is that I can't find a way to use tar without
> writing a file. I'd like to use pipes, although that probably isn't
> secure, either.
While it is possible to have a tempfile implementation of pipes that
isn't terribly secure, I thought the OSX pipes were true pipes.
Doing "tar -cf - thedirectory | gpg ..." should be secure.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3rc1 (GNU/Linux)
Comment: Key available at http://www.jabberwocky.com/david/keys.asc
-----END PGP SIGNATURE-----
More information about the Gnupg-devel