first time gpg automation with perl

carrie carrie at databeast.com
Thu Apr 29 02:02:45 CEST 2004 

Hi all, 
I am using shared hosting with an ISP.  gpg 1.06 is installed.

I have got a ssh login and have used gpg via that in my area of the server and 
it works exactly as expected. 

but I am prototyping the script to use in an environment where the only access 
I have to the command line is via backticks from perl.

I have encountered some trouble though and which has eventually resulted in 
the following script which I wrote to see if it would help me resolve the 
problem
#!/usr/bin/perl

my $gpgargs = " --version";
my $sentstring = "gpg $gpgargs";
my $returnedstring = `gpg   $gpgargs`;
my $returnedstring2 = `echo "hello carrie"`;
my $returnedstring3 = `pwd`;
my $returnedstring4 = `whoami`;
my $returnedstring5 = `ls -l`;
my $returnedstring6 = `gpg --list-keys`;
print "Content-type: text/html\n\n";
print <<HTML;
<html>
<body bgcolor="white">
<blockquote><blockquote>
<h4>Message:</h4>
<ul>
<li>
xxxx  $sentstring xxxx $returnedstring <br>
xxx echo "hello carrie" xxx $returnedstring2<br>
pwd   xxx $returnedstring3 <br>
whoami xxx $returnedstring4<br>
gpg --list-keys xxx $returnedstring6<br>
ls -l xxx $returnedstring5<br>
 
</ul>
</blockquote></blockquote>
</body></html>
HTML

the output  demonstrates my trouble  
Message:

    * xxxx gpg --version xxxx gpg (GnuPG) 1.0.6 Copyright (C) 2001 Free 
Software Foundation, Inc. This program comes with ABSOLUTELY NO WARRANTY. 
This is free software, and you are welcome to redistribute it under certain 
conditions. See the file COPYING for details. Home: ~/.gnupg Supported 
algorithms: Cipher: 3DES, CAST5, BLOWFISH, RIJNDAEL, RIJNDAEL192, 
RIJNDAEL256, TWOFISH Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA, ELG Hash: MD5, 
SHA1, RIPEMD160
      xxx echo "hello carrie" xxx hello carrie
      pwd xxx /home/carrie/cgi-bin
      whoami xxx carrie
      gpg --list-keys xxx
ls -l xxx total 96 -rwxr-xr-x 1 carrie carrie 1384 Apr 28 18:41 databeast.key 
-rw-r--r-- 1 carrie carri<snipped>

everything works as you would expect except --list-keys and  the other gpg 
action commands. But I know that I have the priviliges to run these commands 
because I can run them from my ssh connection. and the script reported that 
the directory and user (carrie) are the same as they would be from the ssh 
shell. So why willt it let me execute some commands in gpg but not others?
is there a security setting ? 
maybe something that stops script access?

any other ideas?
TIA
Carrie

More information about the Gnupg-users mailing list