Self Decrypting Archives

Joseph Bruni
Thu Jun 19 21:17:02 2003

Very insecure. One could very easily strip off the self-decrypting shell and attach a tail-patched version that captures the secret key, or does something else with the contents (or your system).

SDA's are also incredibly platform-dependent.

They also have all the problems associated with shared-key encryption.

On Thursday, June 19, 2003, at 11:05AM, David Shaw <> wrote:

>Hash: SHA1
>On Thu, Jun 19, 2003 at 12:28:09PM -0400, Jeff Herrin wrote:
>> I have been looking throught the docs and I can't find anything
>> related to the creation of Self Decrypting Archives. Does gnupg
>> support this? If so where can I find more information about to
>> generate an SDA?
>GnuPG does not support this, and likely will never support this.  SDAs
>are wildly, tragically, insecure.  Think about it: someone is sending
>you a *program* and saying "please run this for me!"
>Version: GnuPG v1.2.3rc1 (GNU/Linux)
>Comment: Key available at
>Gnupg-users mailing list

PGP Fingerprint:
886F 6A8A 68A1 5E90 EF3F  8EFA E2B8 3F99 7343 C1E3