[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PGP: Environment protection for UNIX



On May 26,  1:07am, J. Michael Diehl wrote:
> Well, I like this one.  It lets you put little messages in place of argv[0].
> 
> #include <stdio.h>
> 
> char 	buff[100];
> int	esc = 27;
> 
> void main(int argc, char *argv[])
> {
> puts("Enter message.\n");
> scanf("%s", buff); 
> execl("/nfs/dorado/unsup/bin/ftp", buff, NULL);
> }
> 

Yeah, I like that too...  'cept if you need to pass args, it doesn't
provide a covert channel.

I confess to not having read my PGP manuals yet, but is there an
interactive mode to PGP?  If there WERE (hint), then it could be run
as a subprocess of emacs or a mail program and thus be a) more
convenient and b) the whole hub-bub about people snooping your
environment would be a non-issue.

	Stig



/* Jonathan Stigelman, [email protected], PGP public key on request */
/* fingerprint = 32 DF B9 19 AE 28 D1 7A  A3 9D 0B 1A 33 13 4D 7F */