[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security of piping unencrypted keyfile through named pipe

Another solution occured to me this morning - instead
of piping the unencrypted keyfile, pipe the string of
commands to rxvt instead and execute with sh:

#N=65 #version 3
N=64 #version 2
((M = N + 1 ))
mkfifo -m 600 npipe
echo "head -c 2925 /dev/random | uuencode -m - \
head -n $M | tail -n $N | gpg -c -a -o ${KEYFILE}"\
>npipe &
rxvt +sb -geometry 80x1 -fn fixed -cr blue \ 
-T "Password" -e sh npipe
wait
rm -f npipe

I'm not sure though if that is still less secure than
a separate script?? 



		
__________________________________ 
Discover Yahoo! 
Get on-the-go sports scores, stock quotes, news and more. Check it out! 
http://discover.yahoo.com/mobile.html

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/