A script I'm writing to help me manage loop-aes v.2 partition-backed loops (a la README sect 7.2 Ex 2) needs to be launched by a file manager, i.e. not from a command line. In order for the terminal user to enter the passphrase to encrypt the keyfile, I want to open an rxvt window running gpg from the script (unless there's another way). Since the -e option to rxvt only seems to take one command argument, I seem to be stuck with this:

    mkfifo -m 600 npipe
    head -c 2925 /dev/random | uuencode -m - | head -n 65 | tail -n 64 >npipe &
    rxvt +sb -geometry 80x1 -fn fixed -cr blue -T "Password" -e gpg -c -a -o "${KEYFILE}" npipe
    wait
    rm -f npipe

(Rxvt seems to accept no other workarounds that I can find).

Is this much less secure than the usual anonymous pipe? Or, if an attacker was in a position to read from the named pipe, does that mean they would be in a position to easily compromise the encryption anyway (with or without the named pipe)?

I considered making root the pipe owner to tighten security on the named pipe, but the user has sudo rights anyway, so why bother.

I've thought I could randomise the path and name of the named pipe to make it harder to watch for by doing something (?) like:

    r=$(((RANDOM%(99))/2))
    # also add a sed filter for bad chars except /
    NPIPENAME=$(head -c $RANDOM /dev/random | uuencode -m - | head -n 2 | tail -n 1 | cut -c -$r)

But a trojan/intruder could still watch for new pipes some other way, no doubt.

Help! Any comments or suggestions?

-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/
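One way to tighten the named-pipe step asked about above, as an added example that is not part of the original post or of loop-aes: the FIFO is created inside a fresh `mktemp -d` directory (mode 0700), so other non-root accounts cannot reach it by any name, and it is checked before use and removed on exit. The function names and the `FIFO` variable are assumptions, `stat -c` assumes GNU coreutils, and this does nothing against root or a process already running as the same user.

```bash
#!/bin/bash
# Added example: keep the keyfile FIFO inside a directory only this user can enter.

# Create a fresh mode-0700 directory and a mode-0600 FIFO inside it; print the FIFO path.
make_private_fifo() {
    local dir
    dir=$(mktemp -d "${TMPDIR:-/tmp}/keypipe.XXXXXXXXXX") || return 1
    mkfifo -m 600 "$dir/npipe" || { rmdir "$dir"; return 1; }
    printf '%s\n' "$dir/npipe"
}

# Succeed only if the path is a FIFO we own (mode 600) in a real directory we own (mode 700).
check_private_fifo() {
    local p=$1 d
    d=$(dirname "$p")
    [ -p "$p" ] && [ -O "$p" ] && [ -O "$d" ] && [ ! -L "$d" ] || return 1
    [ "$(stat -c %a "$p")" = 600 ] && [ "$(stat -c %a "$d")" = 700 ]
}

# Remove the FIFO and its directory.
remove_private_fifo() {
    rm -f "$1" && rmdir "$(dirname "$1")"
}

# The pipeline from the post, run through the private FIFO. KEYFILE is the
# variable used in the post; FIFO and the function names are assumptions.
make_keyfile() {
    FIFO=$(make_private_fifo) || return 1
    trap 'remove_private_fifo "$FIFO"' EXIT
    check_private_fifo "$FIFO" || return 1
    head -c 2925 /dev/random | uuencode -m - | head -n 65 | tail -n 64 >"$FIFO" &
    local writer=$!
    rxvt +sb -geometry 80x1 -fn fixed -cr blue -T "Password" \
        -e gpg -c -a -o "$KEYFILE" "$FIFO"
    local rc=$?
    # If gpg never opened the FIFO, the writer is still blocked in open(); stop it.
    kill "$writer" 2>/dev/null
    wait
    return "$rc"
}
```

Set `KEYFILE` and call `make_keyfile` from the launcher script; nothing runs until that call.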