decrypting input, not a file...
Florian Weimer
Florian.Weimer@rus.uni-stuttgart.de
19 May 2000 11:49:34 +0200
Paul Evad <pevad@kudosnet.com> writes:
> $command="echo '$passphrase\n$code' | gpg -v --batch
> --no-secmem-warning --passphrase-fd 0 --decrypt";
> exec($command, $encrypted, $errorcode);
On most Unix-like systems, any local user can eavesdrop the passphrase
if you run this (and similar code) because command-line arguments are
readable for all users.
--
Florian Weimer Florian.Weimer@RUS.Uni-Stuttgart.DE
University of Stuttgart http://cert.uni-stuttgart.de/
RUS-CERT +49-711-685-5973/fax +49-711-685-5898
http://ca.uni-stuttgart.de:11371/pks/lookup?op=get&search=0xC06EC3B5