From: Hal <hfinney@shell.portal.com>
To: cypherpunks@toad.com
Message Hash: f8c35b6505d2f35c4e49368a8fd50d4a1e4f60e8e549975d40e4e48e052b6260
Message ID: <199405220527.WAA12131@jobe.shell.portal.com>
Reply To: N/A
UTC Datetime: 1994-05-22 05:26:18 UTC
Raw Date: Sat, 21 May 94 22:26:18 PDT
Subject: Re: "Email-Firewalls" / Instant Corporate PGP
From: Vincent.Cate@FURMINT.NECTAR.CS.CMU.EDU
> #!/bin/csh -f
> #
> # Vince Cate
>
> setenv PGPPATH /usr/vac/pgp
> setenv PGPPASS "not really vinces passphrase"
>
> cd $PGPPATH
>
> cat > mailtmp.asc
>
> egrep 'Date:|From:|Subject:|To:' mailtmp.asc > mailtmp
> echo " " >> mailtmp
>
> pgp -f < mailtmp.asc >> mailtmp
>
> /usr/ucb/mail -s "Was encrypted" vac < mailtmp
>
> exit 0

A more secure way is not to setenv PGPPASS but rather:

    setenv PGPPASSFD 1

and then

    (echo "vinces passphrase" ; cat mailtmp.asc) | pgp -f >> mailtmp

The PGPPASSFD means take the passphrase from file descriptor 1, which is
the standard input. This way it never appears in the environment of a
process. Many unix systems have a switch to ps to show all processes'
environments.

Hal
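
The difference between the two approaches, as an added example that is not part of the original message: it starts a child process each way and checks whether the passphrase shows up in that child's environment. It assumes a Linux /proc filesystem; `sleep` stands in for pgp, and SECRET and the function names are constructed for the illustration.

```shell
#!/bin/sh
# Added illustration (Linux /proc required). 'sleep' stands in for pgp;
# SECRET is a constructed sample value, not a real passphrase.
SECRET='constructed-sample-passphrase'

# Succeeds if the startup environment of process $1 contains string $2.
# /proc/PID/environ holds the data that ps environment switches display.
env_contains() {
    tr '\0' '\n' < "/proc/$1/environ" | grep -q -F -- "$2"
}

# Run the check against background process $1, then clean it up.
check_and_reap() {
    sleep 1                      # let the child finish exec() first
    env_contains "$1" "$SECRET"; found=$?
    kill "$1" 2>/dev/null || true
    wait "$1" 2>/dev/null || true
    return "$found"
}

# PGPPASS style: the passphrase is placed in the child's environment.
exposed_via_env() {
    PGPPASS="$SECRET" sleep 30 >/dev/null 2>&1 &
    check_and_reap $!
}

# Pipe style: the passphrase is the first line on the child's stdin
# (descriptor 0). printf is a shell builtin, so the value is not in any
# process's argument list either.
exposed_via_pipe() {
    printf '%s\n' "$SECRET" |
        sh -c 'read -r pass; exec sleep 30' >/dev/null 2>&1 &
    check_and_reap $!
}

if exposed_via_env; then
    echo "environment: passphrase visible in /proc/PID/environ"
fi
if exposed_via_pipe; then
    echo "pipe: passphrase visible in /proc/PID/environ"
else
    echo "pipe: passphrase not present in the child's environment"
fi
```

The passphrase is still a literal in the script file in both cases, so the file's own permissions matter as much as the delivery method.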