Well if the server gets hacked and there able to read the script, I
have bigger problems. The pass doesn't matter too much since it's just
for passing a single file between two servers, not like it's multiple
recipients or anything. Plus the public key isn't even published and
the file isn't even stored after it's initially, and instantly
decrypted.
Adam Voigt
[EMAIL PROTECTED]
On Thu, 2002-11-07 at 12:15, Evan Nemerson wrote:
> You still have to put the password on the command line... Very insecure. I
> keep waiting for gpgme so I can work on a --enable-gpgme
>
> What you have is prolly the best solution right now, though. And good hack w/
> the home directory.
>
>
>
> On Thursday 07 November 2002 08:19 am, Adam Voigt wrote:
> > Ok, here's what I ended up with, and it worked:
> >
> > exec("HOME=\"/home/apache\";/bin/echo \"MYPASS\" | /usr/bin/gpg --no-tty
> > --passphrase-fd 0 -o /path/to/decrypted/file -d
> > /path/to/encrypted/file");
> >
> > I had to do the HOME variable setting because according
> > to the log file, GPG was looking for it's .gpg settings
> > directory in / and it didn't have write permissions to create
> > it there, so it kept dying, this way, it finds the directory
> > where it is supposed to be. Feeeeeew.
> >
> > Adam Voigt
> > [EMAIL PROTECTED]
>
> --
> Behold, I will corrupt you seed, and spread dung upon your faces.
>
> -Malachi 2:3
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
