Script with sensitive info

CL Gilbert Lamont_Gilbert@RigidSoftware.com
Thu Jul 24 16:38:02 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

kynn@panix.com wrote:
| I want to write a Perl script whose operation requires it to have some
| sensitive information (bank account passwords, etc.).  This script is
| meant to run non-interactively, so having it prompt the user for this
| information is not an option.  Also, encrypting the file itself would
| render the script uninterpretable by /usr/bin/perl.
|
| Is there a way to use Gnupg to solve the problem of protecting this
| script?

No.  (People ask similar questions in the Java forums all the time,
about encrypting class loaders and such.)

| (I realize that the script is already protected by my Unix
| account password, but I would like more protection than that.)
|

Impossible; your protection is limited to what your OS offers.  If you
like to program for the fun of it, you can try encryption (obfuscation
in this case).  These things will not add security, but obscurity.  If
this added obscurity causes you to relax more than before it was added,
then you have effectively reduced your level of security!

When you're cracked, you're cracked...

This is something else I picked up from Java, "Let the OS do the OS's
work."  Security of files is a function of the filesystem.  If you want
increased security of files, the filesystem is the ONLY place you can
achieve it.  Encrypting a file on an unencrypted filesystem is a waste
of time, if the keys also reside on this same filesystem.

Also, the automation, as another poster said, is killing your last bits of
added security.


- --
Thank you,


CL Gilbert
"Then said I, Wisdom [is] better than strength: nevertheless the poor
man's wisdom [is] despised, and his words are not heard." Ecclesiastes 9:16

GnuPG Key Fingerprint:
82A6 8893 C2A1 F64E A9AD  19AE 55B2 4CD7 80D2 0A2D
GNU Privacy Guard http://www.gnupg.org

Free interface to Freechess.org
http://www.rigidsoftware.com/Chess/chess.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE/H++OVbJM14DSCi0RAg8FAJ4sPuJVLboUmUcLSIrHzfP5ZFSBHACcCpFz
4hsGiov6H3L4F8+l0ZG3qiw=
=E6ov
-----END PGP SIGNATURE-----
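
An added example, not part of the original message or written by either poster: one way a non-interactive Perl script can lean on the filesystem, as the reply recommends, by keeping the secrets out of the script and refusing to read them unless the file is private to the running user. The file name, the key=value format and both function names are assumptions made for illustration; this does nothing against root or anyone who already controls the account.

```perl
#!/usr/bin/perl
# Added example: file name, format and function names are hypothetical.
use strict;
use warnings;
use Fcntl qw(:mode);
use File::Temp qw(tempdir);

# Inspect an already-open handle (so the file checked is the file read) and
# return the reasons it is not private to the running user; empty list = OK.
sub permission_problems {
    my ($fh) = @_;
    my @st = stat($fh) or return ("cannot stat: $!");
    my ($mode, $uid) = @st[2, 4];
    my @problems;
    push @problems, "not a regular file" unless S_ISREG($mode);
    push @problems, "owned by uid $uid, not the running user (uid $>)"
        unless $uid == $>;
    push @problems, sprintf("mode %04o grants group/other access", S_IMODE($mode))
        if S_IMODE($mode) & (S_IRWXG | S_IRWXO);
    return @problems;
}

# Read key=value pairs, refusing to parse the file if the check fails.
sub load_secrets {
    my ($path) = @_;
    open(my $fh, '<', $path) or die "open $path: $!\n";
    my @problems = permission_problems($fh);
    die "refusing to read $path: " . join("; ", @problems) . "\n" if @problems;
    my %secrets;
    while (my $line = <$fh>) {
        chomp $line;
        next if $line =~ /^\s*(?:#|$)/;      # skip comments and blank lines
        my ($key, $value) = split /=/, $line, 2;
        $secrets{$key} = $value;
    }
    close $fh;
    return \%secrets;
}

# Constructed demo: the same file is rejected at 0644 and accepted at 0600.
my $dir  = tempdir(CLEANUP => 1);
my $file = "$dir/bank.conf";
open(my $out, '>', $file) or die "create $file: $!\n";
print {$out} "# constructed sample\nbank_password=not-a-real-password\n";
close $out;
for my $mode (0644, 0600) {
    chmod $mode, $file or die "chmod: $!\n";
    my $secrets = eval { load_secrets($file) };
    print sprintf("%04o: ", $mode), ($secrets ? "loaded\n" : "rejected: $@");
}
```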