Re: [debian-knoppix] Security Problem with saveconfig
On Thu, Aug 15, 2002 at 04:39:02PM -0700, Ahmet Mehmet wrote:
> Hello list,
> I think there is a security problem with saveconfig.
> The problem is that it saves (if requested) everything
> under /home/knoppix.
No, it doesn't. It saves $HOME/Desktop and the .-config files, if
requested.
> But if I want to use gpg with KNOPPIX, the .gnupg
> directory (in which key files reside) is also saved in
> plain format which is a security risk according to
> www.gnupg.org
Yes, you should not save your private keys on a publicly accessible
medium.
> The usual way for saving these files should be
>
> [ -z "$GNUPGHOME" ] && GNUPGHOME="$HOME/.gnupg/"
> [ -d "$GNUPGHOME" ] && ( tar cf - "$GNUPGHOME" | \
> gpg -o gnupg.conf -c 2>/dev/null )
>
> which saves the key files with symmetric encryption.
> It asks for a password.
>
> IGNORE variable in saveconfig must include ".gnupg"
> directory, and a ( echo "$HOME/gnupg.conf" >> $TMP )
> should exist somewhere after encryption.
What if somebody WANTS to save his/her gnupg key on floppy disk?
> I tried to embed this into saveconfig but I could not
> succeed. gpg -c asks for a password input, but how
> could it be done? [X]Dialog has an inputbox option but
> I could not use it for now.
You may have to use expect.
Regards
-Klaus
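
Besides expect, gpg can take the passphrase for `-c` from a file descriptor, which lets a script collect it however it likes and pass it on. The sketch below is an added example, not part of the original messages or of saveconfig; the function names, the use of fd 3 and the output file name are assumptions.

```shell
#!/bin/sh
# Added example (not saveconfig code): symmetric backup of a GnuPG directory.
# The passphrase reaches gpg on file descriptor 3, so it never appears in
# the process list or the environment.

# gpg's manual asks for --pinentry-mode loopback with --passphrase-fd from
# version 2.1 on; older builds reject that option, so probe for it.
gpg_fd_opts() {
    if gpg --pinentry-mode loopback --version >/dev/null 2>&1; then
        echo "--batch --pinentry-mode loopback --passphrase-fd 3"
    else
        echo "--batch --passphrase-fd 3"
    fi
}

# encrypt_dir SRC_DIR OUT_FILE   (passphrase: first line on fd 3)
encrypt_dir() {
    [ -d "$1" ] || return 1
    ( umask 077   # the encrypted archive is readable by its owner only
      tar -C "$(dirname "$1")" -cf - "$(basename "$1")" |
          gpg $(gpg_fd_opts) --yes -o "$2" -c )
}

# decrypt_dir IN_FILE DEST_DIR   (passphrase: first line on fd 3)
decrypt_dir() {
    mkdir -p "$2" || return 1
    # A pipeline reports only tar's status, so carry gpg's out on fd 4.
    st=$( { { gpg $(gpg_fd_opts) -d "$1" 2>/dev/null; echo "$?" >&4; } |
            tar -C "$2" -xf - >/dev/null 2>&1; } 4>&1 )
    [ "$st" = 0 ]
}

# Prompt on the terminal without echo; print the passphrase on stdout.
ask_passphrase() {
    printf 'Passphrase: ' >/dev/tty
    stty -echo </dev/tty
    IFS= read -r pass </dev/tty
    stty echo </dev/tty
    printf '\n' >/dev/tty
    printf '%s\n' "$pass"
}

# Interactive use, run by hand (file name as in the quoted proposal):
#   ask_passphrase | \
#     encrypt_dir "${GNUPGHOME:-$HOME/.gnupg}" "$HOME/gnupg.conf" 3<&0
```

With `.gnupg` listed in IGNORE and only the encrypted file added to the save list, the plaintext key files stay off the floppy.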