On Sun, Sep 25, 2005 at 12:43:44AM +0200, Johan Wevers wrote: > > No, you'll have to pipe it through a file descriptor with --passphrase-fd. > But with the echo command it can be done on a commandline too on fd 0: > echo password | gpg --passphrase-fd 0 --decrypt / --encrypt. > > For some reasons I don't completely understand the GnuPG developers feel > this is less insecure than a normal commandline (you're certainly not the > first to ask this...).
I would guess the reasoning is something like, "when you know enough to be able to do it you know why _not_ to do it", a consious decission that this breach of security does not hurt is a lot less dangerous than breaking security without knowing. Just some thoughts. //Samuel _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
