[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] Fix releasing procedure
From: |
Alexandre Duret-Lutz |
Subject: |
Re: [PATCH] Fix releasing procedure |
Date: |
Tue, 27 Jan 2004 14:05:41 +0100 |
On Tue, Jan 27, 2004 at 11:54:39AM +0000, Gary V.Vaughan wrote:
> On Tuesday, January 27, 2004, at 10:40 am, Alexandre Duret-Lutz wrote:
> >On Tue, Jan 27, 2004 at 10:17:52AM +0000, Scott James Remnant wrote:
> >>*gulps* it stores my GPG passphrase in a shell variable?!
> >
> >Yep. Just like mailcrypt stores it in an emacs variable, or gpg in a
> >C variable. What's the difference?
>
> I was about to ask how you get the passphrase into gpg without it
> showing up in the process table for an instant, but you seem to have
> tried to address that. Notice that at the point that you pass the
> passphrase to gpgs stdin on a pipe you are calling echo with the
> PATH set by the user:
>
> echo $passphrase | $GPG --passphrase-fd 0 -ba -o $file.sig $file
>
> Oops!
At that point I already know that echo is a built-in (the script has
exited otherwise). I don't understand how PATH could matter.
> Better than PATH fiddling in the environment, it would be good to
> detect bash and use 'builtin echo' (and similar for ksh and zsh). I
> think you should also call gpg with an absolute path to forestall a
> trojan gpg which could log the passphrase.
I don't know the absolute path to use, unless I browse PATH. Maybe
you mean I should allow $GPG to be set by the user? (This seems as
dangerous as honoring PATH.)
> I'd be happier using the script if you supported quintuple agent, so
> that if gpg is getting it's passphrase from gpg-agent already, then
> there is no need to save it in the script at all.
This would be nice. I've heard about gpg-agent already, but never
used it. Is there a Debian package for this? I could not find it.
> I'm no security expert, and even I've found a couple of
> vulnerabilities. I have to say that I wouldn't use the script on a
> networked machine as it stands.
Oh, as far as I'm concerned I wouldn't use gpg on a machine which I
don't fully control. That may explain our different concerns :)
Whether my passphrase is stored in an agent process or in a shell
variable does not worry me; because to my (limited) knowledge the only
other user that can spy it is root, and root is me.
- [PATCH] Fix releasing procedure, Scott James Remnant, 2004/01/27
- Re: [PATCH] Fix releasing procedure, Alexandre Duret-Lutz, 2004/01/27
- Re: [PATCH] Fix releasing procedure, Gary V . Vaughan, 2004/01/27
- Re: [PATCH] Fix releasing procedure,
Alexandre Duret-Lutz <=
- Re: [PATCH] Fix releasing procedure, Alexandre Duret-Lutz, 2004/01/27
- Re: [PATCH] Fix releasing procedure, Gary V. Vaughan, 2004/01/27
- Re: [PATCH] Fix releasing procedure, Alexandre Duret-Lutz, 2004/01/27
- Re: [PATCH] Fix releasing procedure, Scott James Remnant, 2004/01/28
- FYI: fix gnupload (Was: Re: [PATCH] Fix releasing procedure), Alexandre Duret-Lutz, 2004/01/28
Re: [PATCH] Fix releasing procedure, Gary V . Vaughan, 2004/01/27