From: Mark Grant <mark@unicorn.com>
To: alt.security.pgp@news.news.demon.net
Message Hash: 19159b86329a3780f6ecb5589f9ad5bbfecf2a79de52e4bc50fa22bf3880b490
Message ID: <Pine.3.89.9612221336.A789-0100000@marui>
Reply To: N/A
UTC Datetime: 1996-12-23 11:44:48 UTC
Raw Date: Mon, 23 Dec 1996 03:44:48 -0800 (PST)
From: Mark Grant <mark@unicorn.com>
Date: Mon, 23 Dec 1996 03:44:48 -0800 (PST)
To: alt.security.pgp@news.news.demon.net
Subject: Privtool 0.87
Message-ID: <Pine.3.89.9612221336.A789-0100000@marui>
MIME-Version: 1.0
Content-Type: text/plain
I've finally released a new version of Privtool -- my PGP-aware X-windows
mailreader for Linux, SunOS, FreeBSD and Solaris. Version 0.86 is
available on utopia.hacktic.nl in the incoming directory (and possibly
elsewhere) and I'll be uploading 0.87 shortly. For more details and
screenshots see http://www.c2.org/~mark/privtool/privtool.html.
Mark
-----BEGIN PGP SIGNED MESSAGE-----
Privtool Beta Release 0.87
--------------------------
Privtool ("Privacy Tool") is intended to be a PGP-aware replacement
for the standard Sun Workstation mailtool program, with a similar user
interface and automagick support for PGP-signing and PGP-encryption. Just
to make things clear, I have written this program from scratch, it is
*not* a modified mailtool (and I'd hope that the Sun program code
is much cleaner than mine 8-) !).
When the program starts up, it displays a list of messages in your
mailbox, along with flags to indicate whether messages are signed
or encrypted, and if they have had their signatures verified or
have been decrypted.
When you double click on a message, it will be decrypted (requesting
your passphrase if neccesary), and/or will have the signature checked,
and the decrypted message will be displayed in the top part of the
display window, with signature information in the bottom part. The
mail header is not displayed, but can be read by pressing the 'Header'
button to display the header window. In addition, the program has
support for encrypted mailing list feeds, and if the decrypted
message includes another standard-format message it will replace
the original message and be fed back into the display processing
chain.
When composing a message or replying to one, the compose window has
several check-boxes, including one for signature, and one for
encryption. If these are selected, then the message will be automatically
encrypted and/or signed (requesting your passphrase when neccesary) before
it is sent. You may also select a 'Remail' box, which will use the
Mixmaster anonymous remailer client program to send the message through
one or more remailers.
Being an Beta release, there are a number of bugs and unimplemented
features.
Known Bugs:
None reported.
Unimplmented features:
When you save changes to the mail file, it throws away the
signature verification and decrypted messages, so that the
next time you view a message it has to be verified or decrypted
again.
Currently if you send encrypted mail to multiple recipients, all must
have valid encrpytion keys otherwise you will have to send the
message decrypted. Also, the message will be sent encrypted to all
users, not just the one who is receiving each copy.
Code should be more modular to assist with ports to Xt, Motif
(under way), Mac, Windows, etc. I may port it to C++ in the near
future.
Not very well documented!
Encrypted messages are saved to mail files in encrypted form. There
is currently no option to save messages in decrypted form.
No support for anonymous return addresses.
Not very well tested on Solaris 2.x, or SunOS.
No support for attachments (either Sun, uuencode or MIME).
Changes for 0.87:
Added support for signature files.
Solaris patches for 0.86 from Glenn Trigg -- as usual a few
bugs crept in because I couldn't test it on all operating
systems.
Added Vincent Cojot's (coyote@step.polymtl.ca) new icons for
Linux.
Some versions of Unix are set up to have mail programs setgid mail,
and give write access to /usr/spool/mail only to mail and root. This
caused hangs when saving changes. I've now incorporated changes
which allow Linux to run privtool setgid mail, and these should
work on FreeBSD.
Fixed a number of compile-time warnings.
Only display the compose window *after* it's been filled with
data. This should prevent the time-consuming scrolling update
which used to occur.
Allow the user to specify the organization in their header.
Changes for 0.86:
Optionally use /dev/audio to supplement the random number
generation code.
Anders Baekgaard fixed a few bugs that sneaked in at the last
minute, updating the header window, parsing dates, compose
window layout, and SEGV when tabbing between fields on the
compose window.
Gregory Margo (gmargo@newton.vip.best.com) provided multiple
display windows.
Tony Gialluca (tony@hgc.edu) made some of the compose window
buttons work.
Fixed some file descriptor leaks in pgplib.c.
On Linux we now read the contents of a number of files under
/proc, and use these as an additional source of random
data (e.g. /proc/interrupts, /proc/meminfo).
Added 'Reseed Random' menu option, which will reseed the
random number generator at any time. If possible this will
come from the audio device and/or the /proc files.
Added FreeBSD patch from Stuart Arnold (sja@epo.e-mail.com).
See README.FREEBSD for more information.
No longer destroy compose windows when you select 'Done'!
Graphical properties window added. I've lost the address of
the person who did the original work, so if it was you then
please contact me! This was expanded and incorporated into
0.86 by Scott Cannon (rscott@silver.cal.sdl.usu.edu).
Fixed memory corruption in pgplib.c.
Limited support for secret keys on floppy disks.
Allow users to specify their domain name and reply-to: header
lines.
Privtool can be compiled to either use PGP Tools, or to fork off a copy of
PGP whenever it is needed. There are also a number of different security
level options for the passphrase, varying from 'read it from PGPPASS and
keep it in memory' to 'request it every time and delete it as soon as
possible', via 'request it when neccesary and delete it if it's not used
for a while'.
I've now patched PGP Tools for Linux. The code is available on
utopia.hacktic.nl as pgptools.linux.1.0.tar.gz.
See the README file for information on compiling the code, and the
user.doc file for user documentation (the little that currently
exists). You should also ensure that you read the security concerns
section in user.doc before using the program.
Mark Grant (mark@unicorn.com)
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQEVAwUBMr0+o1VvaTo9kEQVAQEfiQf6A1ZKDVijf/65NXDTVvsMw9G3nmjqNK4F
mrIJiyoWr3KX66SbC6nSfWKtpjjZFi2R0633BGNA2kVqCpyk5F5UXTZMAXYzVhP6
f9drmWOsThdh07vpVuK2W96W/cpPh3m+Jhzp2pDpUWN0MNgX6ZmNsJzoSng8DmK9
YTERh93ZQ7rrBM6mMsz6ASEzpcu5grH0teAQdbvWHYEguwDn2K2hn1oTcuVXw74C
UFDmx5I86Flfk0nfahldefHO5aSI4fSe+bs7vrZdIRVK60YSxw1dIFYv89bGJAQZ
AfZxchmbMVtTBgI4/B1Lziqr/EJ1QI9+FH+LA7XQSmSWm0QFi5Rz9A==
=6g9Z
-----END PGP SIGNATURE-----
"[Hollywood's] way is so slow and expensive that you'll find yourself
falling asleep on the set and forgetting to say 'action'."
- Robert Rodriguez, 'The Ten Minute Film School'
|-----------------------------------------------------------------------|
|Mark Grant M.A., U.L.C. EMAIL: mark@unicorn.com |
|WWW: http://www.c2.org/~mark MAILBOT: bot@unicorn.com |
|-----------------------------------------------------------------------|
Return to December 1996
Return to “Mark Grant <mark@unicorn.com>”