John M Church
john.m.church at lmco.com
Fri Apr 7 16:16:15 CEST 2006
I think it's simplistic to just brush-off this request as a user who
wants convenience. There are very valid reasons for automated
decryption. I'm working a similar project (and have my own issue - see
"Automated Decryption via Script Running Setuid" written 4/5/06). Seems
to me if you protect your script and you are behind a firewall you're
not 'trading security for convenience'. You can even encrypt the
passphrase in your script if you're afraid someone with sudo or root
priveldges could open your script.
John W. Moore III wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>>I know that for PGP, there's an environment setting that
>>can be used to prevent this. Is there a similar thing for
>>GnuPG, or do I have to jump through some hoops?
>Hmm.....Let me see if I've understood you. You desire to use GPG for
>security 'Point to Point' then swap security for convenience on your end?
>My suggestion would be to either switch to Thunderbird w/Enigmail as
>your MUA. You can set Enigmail to 'remember' your passphrase for a
>specified length of time or until you Close the program.
>Timestamp: Thursday 06 Apr 2006, 19:42 --400 (Eastern Daylight Time)
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.4.4-4094cvs: (MingW32)
>Comment: Public Key at: http://tinyurl.com/8cpho
>Comment: Gossamer Spider Web of Trust (US26): http://www.gswot.org
>Comment: Homepage: http://tinyurl.com/9ubue
>Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>-----END PGP SIGNATURE-----
>Gnupg-users mailing list
>Gnupg-users at gnupg.org
More information about the Gnupg-users