signing files from php script

Juan Antonio Martinez
Mon, 22 Jan 2001 13:24:32 +0100

I'm trying to auto signing mail messages from a cgi-php3 script.
My function seems like this one:

function gnupg_sign($msg) {
        $fromfile=tempnam( $GLOBALS["TMPDIR"], "gpg" );
        $tofile=tempnam( $GLOBALS["TMPDIR"], "gpg" );
        $com=sprintf("echo %s | /usr/bin/gpg --homedir %s/gnupg
--passphrase-fd 0 --default-key %s -q -o %s --clearsign
        $fd=fopen( $tofile , "r" );
        // unlink($tofile);
        // unlink($fromfile);
        return $msg;


Problem: PHP3 strips "|" on system command to avoid attacks
- Anybody knows the correct way to do this ?
- Perhaps some hide method of passing passphrase to pgp?. 
If i use popen(), how can I specify the passphrase-fd "n" descriptor? 
Remember that I cannot use "0" as file descriptor number from an apache
script, since gpg tries to open() /dev/tty that is not available
- Any environment variable?
- Any way to instruct gpg to auto-sign without prompting for a

Thanks in advance

        Juan Antonio          \|||/
                             / _ _ \
                             \ o o /
Juan Antonio Martinez               Universidad Politecnica de Madrid
email:          E.T.S.I Telecomunicacion     Ciudad Universitaria s/n
Tel:   34-1-3367366 ext 416         Laboratorio de Programación. Desp
Fax:   34-1-3367333                 28040 Madrid, Spain
In the beginning.... was the command line
                                                       - Neal Stephenson

Archive is at - Unsubscribe by sending mail
with a subject of  "unsubscribe"  to