Automated Decryption via Script Running Setuid
\ John M Church (5 Apr 2006)

Subject: Automated Decryption via Script Running Setuid
Group: Gnupg-users
From: John M Church
Date: 5 Apr 2006

Searched the archives back through Oct. '05 and didn't see a solution to
my problem...
Bottom line to problem: If a script running setuid as userA but called
by userB contains a GPG command, GPG responds with userB information
instead of userA.

I have a perl script 'parseMail_andSubmit_toDB.pl' that is being routed
information from a C-wrapper that runs as userA.
-rwsr-sr-x userA pass_STDIN_to_parseMail_andSubmit_toDB.exe
The info contained in STDIN is an emailed message with an attached file
(encrypted with userA's public key). In parseMail_andSubmit_toDB.pl, I
save the attachment to a file and call a second perl script
'decrypt_file.pl'. This script contains userA's passphrase which I am
attempting to use to decrypt the file ala:
"cd $dir_containing_file; echo \'${passphrase}\' |
/usr/local/share/bin/gpg --passphrase-fd 0 --output
${file_to_decrypt}_cleartext$$ --decrypt $file_to_decrypt".

However GPG responds with:
"cp: cannot create /.gnupg/gpg.conf: Permission denied
gpg: fatal: can't create directory `~/.gnupg': No such file or directory
secmem usage: 0/0 bytes in 0/0 blocks of pool 0/32768"

It is as if GPG knows that userB originated the call (in this case the
email daemon which probably doesn't have a /home/daemon and certainly
doesn't have GPG keys). So I set up a second test where jchurch (as
userB) called the C-wrapper and changed the GPG command in
decrypt_file.pl to 'echo \'Calling whoami\'; /usr/ucb/whoami;
/usr/local/share/bin/gpg --list-keys' and I received the key info for
userB instead of userA. See below.

--------------------------------
pub 1024D/63A468CF 2006-03-23
uid John Church (Second Key working with Joel)
<john.m.church>
sub 2048g/2D0142AB 2006-03-23

pub 1024D/F3D3D15D 2006-04-03
uid razoradm (Razor Administrator) <john.m.church>
sub 2048g/B73F17B6 2006-04-03

The key info for userA should have been returned.

Does anyone have any clue as to whether GPG is this smart? I admit to
being a newbie to GPG so perhaps I'm doing something stupid. Any
suggestions would be appreciated.

Thanks-in-advance,

John_inDenver
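
Added example (not part of the original post, and not GnuPG code): a setuid bit changes only the effective UID, while the real UID and the environment, including HOME, stay those of the caller, and gpg finds its keyring through --homedir, GNUPGHOME or HOME. The C sketch below reports what a wrapper inherits and builds HOME and GNUPGHOME values for the account the effective UID maps to; the helper names, the /home/userA test path and the clean-environment approach are assumptions.

```c
/* Added example, not from the original post. Helper names are hypothetical. */
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

#define VAR_LEN 1024

/* 1 when the inherited HOME is unset or is not the key owner's home. */
int home_mismatch(const char *env_home, const char *owner_home)
{
    return env_home == NULL || strcmp(env_home, owner_home) != 0;
}

/* Build "HOME=<dir>" and "GNUPGHOME=<dir>/.gnupg" for a clean child
 * environment. Returns -1 if dir is not absolute or does not fit. */
int gpg_env(const char *dir, char home_var[VAR_LEN], char gnupg_var[VAR_LEN])
{
    int a, b;
    if (dir == NULL || dir[0] != '/')
        return -1;
    a = snprintf(home_var, VAR_LEN, "HOME=%s", dir);
    b = snprintf(gnupg_var, VAR_LEN, "GNUPGHOME=%s/.gnupg", dir);
    return (a < 0 || a >= VAR_LEN || b < 0 || b >= VAR_LEN) ? -1 : 0;
}

int main(void)
{
    char home_var[VAR_LEN], gnupg_var[VAR_LEN];
    const char *env_home = getenv("HOME");   /* inherited from the caller */
    struct passwd *pw = getpwuid(geteuid()); /* account the setuid bit selects */

    printf("real uid %ld, effective uid %ld, HOME=%s\n", (long)getuid(),
           (long)geteuid(), env_home ? env_home : "(unset)");
    if (pw == NULL || gpg_env(pw->pw_dir, home_var, gnupg_var) != 0) {
        fprintf(stderr, "no usable passwd home for effective uid\n");
        return 1;
    }
    if (home_mismatch(env_home, pw->pw_dir))
        printf("inherited HOME is not %s\n", pw->pw_dir);
    /* A wrapper would pass only these to execve(), not the caller's environ. */
    printf("%s\n%s\n", home_var, gnupg_var);
    return 0;
}
```

Run from the setuid wrapper itself, the first line of output shows whether the real and effective UIDs differ and which HOME the child processes would otherwise inherit.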












