1993-05-26 - Re: PGP: Environment protection for UNIX

Header Data

From: stig@netcom.com (Stig)
To: J. Michael Diehl <stig@netcom.com (Stig)
Message Hash: 06835e343e08729b799b28a06077e28ae1e11b97761d330172851d6a4d11a6d7
Message ID: <9305260755.AA18959@netcom.netcom.com>
Reply To: <mdiehl@triton.unm.edu>
UTC Datetime: 1993-05-26 07:55:28 UTC
Raw Date: Wed, 26 May 93 00:55:28 PDT

Raw message

From: stig@netcom.com (Stig)
Date: Wed, 26 May 93 00:55:28 PDT
To: J. Michael Diehl <stig@netcom.com (Stig)
Subject: Re: PGP:  Environment protection for UNIX
In-Reply-To: <mdiehl@triton.unm.edu>
Message-ID: <9305260755.AA18959@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


On May 26,  1:07am, J. Michael Diehl wrote:
> Well, I like this one.  It lets you put little messages in place of argv[0].
> 
> #include <stdio.h>
> 
> char 	buff[100];
> int	esc = 27;
> 
> void main(int argc, char *argv[])
> {
> puts("Enter message.\n");
> scanf("%s", buff); 
> execl("/nfs/dorado/unsup/bin/ftp", buff, NULL);
> }
> 

Yeah, I like that too...  'cept if you need to pass args, it doesn't
provide a covert channel.

I confess to not having read my PGP manuals yet, but is there an
interactive mode to PGP?  If there WERE (hint), then it could be run
as a subprocess of emacs or a mail program and thus be a) more
convenient and b) the whole hub-bub about people snooping your
environment would be a non-issue.

	Stig



/* Jonathan Stigelman, Stig@netcom.com, PGP public key on request */
/* fingerprint = 32 DF B9 19 AE 28 D1 7A  A3 9D 0B 1A 33 13 4D 7F */





Thread