I know you will shake you head sadly but... I really have to perform such a suicidal task (even if for a short time and just for internal use).
I have to send by email (over the open internet) a XML file containing _system commands_ (yes: the kind of stuff like "rm -dfr /") to a server and have a Python program sitting on this server, fetching and parsing the e-mail message and executing the commands (maybe with _root privileges_). Of course, I want to be sure that only the allowed people is able to send such dangerous messages to my server so I will ask my users to encrypt and digitally sign their messages using Thunderbird, Enigmail and GPG as described in this very fine tutorial: http://goldenspud.com/webrog/archives/2005/03/10/encrypt-encrypt/ So far, so good, but I still have a couple of doubts about the server side: 1) What would you use to decrypt the messages? The GPG module created by Andrew Kuchling is declared "incomplete" and "no more maintained" on his web pages (http://www.amk.ca/python/code/gpg) so I think it is out of the game. Would you use OpenPGP (http://www.aonalu.net/openpgp/python)? Any other module? 2) I did not find any mention of _encrypted attachments_ on the Net. Does anybody know of a tutorial or a guide that explains how to encrypt (with Thunderbird/Enigmail) and decrypt (with Python) the (ANSI text) files attached to a email message? TIA ----------------------------------- Alessandro Bottoni -- http://mail.python.org/mailman/listinfo/python-list
