Well if the server gets hacked and there able to read the script, I
have bigger problems. The pass doesn't matter too much since it's just
for passing a single file between two servers, not like it's multiple
recipients or anything. Plus the public key isn't even published and
the file isn't even stored after it's initially, and instantly

Adam Voigt

On Thu, 2002-11-07 at 12:15, Evan Nemerson wrote:
> You still have to put the password on the command line... Very insecure. I 
> keep waiting for gpgme so I can work on a --enable-gpgme
> What you have is prolly the best solution right now, though. And good hack w/ 
> the home directory. 
> On Thursday 07 November 2002 08:19 am, Adam Voigt wrote:
> > Ok, here's what I ended up with, and it worked:
> >
> > exec("HOME=\"/home/apache\";/bin/echo \"MYPASS\" | /usr/bin/gpg --no-tty
> > --passphrase-fd 0 -o /path/to/decrypted/file -d
> > /path/to/encrypted/file");
> >
> > I had to do the HOME variable setting because according
> > to the log file, GPG was looking for it's .gpg settings
> > directory in / and it didn't have write permissions to create
> > it there, so it kept dying, this way, it finds the directory
> > where it is supposed to be. Feeeeeew.
> >
> > Adam Voigt
> -- 
> Behold, I will corrupt you seed, and spread dung upon your faces.
> -Malachi 2:3

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to