Another idea (was Re: Password on command line?)
Tue Aug 6 19:03:02 2002
On Tue, 6 Aug 2002, Steve Butler wrote:
> And now somebody can do a 'ps -ef' and see it on the command for many
> flavors of Unix.
Yeah, the best thing is to write the program entirely in Perl.
That is, unless the shell has some method of turning off output to the
Furthermore, if we do an 'echo "password" | gpg ...", that too would show
up on 'ps'.
Andrzej had a good idea about using an "HereDoc".
gpg --passphrase-f 0 --decrypt test.gpg <<EOH
Because the passphrase is in STDIN, it won't show up on ps (is that
In Perl we can call programs effectively using an EOH:
`program <<EOH\nsome imput\nEOH`;
Therefore, the Perl program could be something like:
ReadMode('noecho'); # Turn off output to the screen.
print "Please enter your passphrase: ";
chomp( my $passphrase = ReadLine(0) );
`gpg --passphrase-f 0 --decrypt test.gpg <<EOH\n$passphrase\nEOH`;
# And so on