Date: Sat, 14 Apr 2001 02:55:59 -0700 From: Kris Kennaway <kris@obsecurity.org> To: ben <ben@stonehenge-net.com> Cc: freebsd-questions@freebsd.org Subject: Re: gpg self extractor? Message-ID: <20010414025559.B861@xor.obsecurity.org> In-Reply-To: <3AD64D16.7010809@stonehenge-net.com>; from ben@stonehenge-net.com on Thu, Apr 12, 2001 at 05:49:26PM -0700 References: <3AD64D16.7010809@stonehenge-net.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--ADZbWkCsHQ7r3kzd Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Apr 12, 2001 at 05:49:26PM -0700, ben wrote: > am looking for a way to encrypt a tar file in such a way that it will=20 > self extract with the correct password on the target systems (solaris &= =20 > hpux). does anyone know of such a system, or switch for gzip? i should= =20 > probibaly be using compress/uncompress instead of gzip, due to a lack of= =20 > gnu stuff on our client machines... Bad idea..if you could do this somehow then the PGP protection wouldn't cover the executable goo around the file, so when you run that executable it could do anything to your system, if it's not actually legitimate. Running arbitrary binaries obtained from untrusted sources is bad, mmkay? Kris --ADZbWkCsHQ7r3kzd Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE62B6vWry0BWjoQKURArZRAJ0QEL0hhN+XKHgGQAoPUKZ0XN06vQCgjcuJ 1w0vxnvm6pqY7HUcWudTYQY= =78bl -----END PGP SIGNATURE----- --ADZbWkCsHQ7r3kzd-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010414025559.B861>