Script with sensitive info
James R. Hendrick
hendrick@keane-nne.com
Wed Jul 23 22:41:02 2003
If something is encrypted, to decrypt it you need to provide access to =
the "secret" (password, etc.)
If this script has to access encrypted data, it will need to access the =
key to unlock that data.
You *can* store that key in a file (but then you are at the mercy of the =
rest of the system security to protect that key).
You *can* require that a human input that key when the script starts up =
(maybe once per system boot). This still requires the key stay in memory =
in the clear (better than disk, but still possible to access).
Your choice.
> -----Original Message-----
> From: kynn@panix.com [mailto:kynn@panix.com]
> Sent: Wednesday, July 23, 2003 2:19 PM
> To: gnupg-users@gnupg.org
> Subject: Script with sensitive info
>=20
>=20
>=20
>=20
>=20
>=20
>=20
> I want to write a Perl script whose operation requires it to have some
> sensitive information (bank account passwords, etc.). This script is
> meant to run non-interactively, so having it prompt the user for this
> information is not an option. Also, encrypting the file itself would
> render the script uninterpretable by /usr/bin/perl.
>=20
> Is there a way to use Gnupg to solve the problem of protecting this
> script? (I realize that the script is already protected by my Unix
> account password, but I would like more protection than that.)
>=20
> Thanks!
>=20
> KJ
>=20
>=20
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>=20