Another idea (was Re: Password on command line?)

Daniel Carrera
Tue Aug 6 19:03:02 2002

On Tue, 6 Aug 2002, Steve Butler wrote:

> And now somebody can do a 'ps -ef' and see it on the command for many
> flavors of Unix.

Yeah, the best thing is to write the program entirely in Perl.
That is, unless the shell has some method of turning off output to the

Furthermore, if we do an 'echo "password" | gpg ...", that too would show
up on 'ps'.

Andrzej had a good idea about using an "HereDoc".

gpg --passphrase-f 0 --decrypt test.gpg <<EOH

Because the passphrase is in STDIN, it won't show up on ps (is that

In Perl we can call programs effectively using an EOH:

`program <<EOH\nsome imput\nEOH`;

Therefore, the Perl program could be something like:

#!/usr/bin/perl -w

use strict;

use Term::ReadKey;
ReadMode('noecho');  # Turn off output to the screen.

print "Please enter your passphrase: ";
chomp( my $passphrase = ReadLine(0) );

`gpg --passphrase-f 0 --decrypt test.gpg <<EOH\n$passphrase\nEOH`;

# And so on