Hi Jan,
as you can see in man zip: row 515
-P password
use password to encrypt zipfile entries (if any).
THIS IS INSECURE! Many multi-user operating sys
tems provide ways for any user to see the current
command line of any other user; even on stand-alone
systems there is always the threat of over-the-
shoulder peeking. Storing the plaintext password
as part of a command line in an automated script is
Info-ZIP 14 August 1999 (v2.3) 8
ZIP(1L) ZIP(1L)
even worse. Whenever possible, use the non-echo
ing, interactive prompt to enter passwords. (And
where security is truly important, use strong
encryption such as Pretty Good Privacy instead of
the relatively weak encryption provided by standard
zipfile utilities.)
hope that helps...
greetinx
Philipp
Jan Pfeifer wrote:
>
> hi all,
>
> I'm trying to compress with passwords a couple of hundred files using
> "zip" (I have to use this, as some of the compressed files will go to
> windoze users), but "zip" only seems to take the password from a
> terminal, so I can't use the "<" redirector of bash. Is there a way of
> fooling it, so it reads from a file, believing it to be a terminal ?
> Or any other way round ?
>
> cheers to all and thanks for any help!
>
> jan
>
> --
> Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
