Le 08/02/02 à 07:24, Magnus Bodin écrivit: > On Thu, Feb 07, 2002 at 02:23:49PM +0000, Dave Smith wrote: > > Hi all. > > > > I'm trying to write a script which will mail any file specified as an > > argument, to a specific user. However, I need the mail to be sent > > GPG-encrypted. > > It will at some point either require you to > > 1. Have an empty passphrase (not recommended) > 2. Enter your passphrase (not so practical, may be?) > 3. Have a script that contains the passphrase (security issue, too) > 4. Have a script that takes the passphrase as CL parameter (not good)
Probably best develop something like ssh-agent: - Have a seperate program, lets call it gpg-agent running that, on start, lets you enter the passphrase. Then, it goes into the background. - Via some ipc way; deliver the passphrase to the client program if the following conditions are met -- the client program's uid matches the one from the gpg-agent program -- the process name matches a list of known "good" client programs I'm pretty sure something like the above can be implemented without much effort on Unix, but I don't know the exact library functions needed. Gerhard -- mail: gerhard <at> bigfoot <dot> de registered Linux user #64239 web: http://www.cs.fhm.edu/~ifw00065/ OpenPGP public key id 86AB43C0 public key fingerprint: DEC1 1D02 5743 1159 CD20 A4B6 7B22 6575 86AB 43C0 reduce(lambda x,y:x+y,map(lambda x:chr(ord(x)^42),tuple('zS^BED\nX_FOY\x0b')))
