Re: mutt and plaintext passwords : muttrc encryption ?
- To: mutt-users@xxxxxxxx
- Subject: Re: mutt and plaintext passwords : muttrc encryption ?
- From: Kyle Wheeler <kyle-mutt@xxxxxxxxxxxxxx>
- Date: Mon, 28 Jul 2008 16:52:24 -0500
- Comment: DomainKeys? See http://domainkeys.sourceforge.net/
- Dkim-signature: v=1; a=rsa-sha1; c=relaxed; d=memoryhole.net; h=date :from:to:subject:message-id:references:mime-version:content-type :in-reply-to; s=default; bh=82PempDD1afUuJK65FqRxzngMPc=; b=RzP1 3ZDfMaFw+3TKQjETi77qmd6b6c6WEE9z3RTUuoj3M4N+SfmTiwUC4wknb/D6m5hS qU8O4MYN5VS8NBaVntGc2ol/t/RFadbAHyamlOiO2Y/m8injHpEfOhyyikvk3QuU CL8GkY2y+gRnhUHTkH1xCEWXt/bZ7Aln/aEk5FQ=
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=memoryhole.net; b=mf0YIxnU49EGI5++VYg8KbyxNRSUVqQUbSAagQBcp3DPkbIF1T1DT/1m33gDNbSOHK5Q+8xx28m/e5nuUy+3O5DrR44BqsEhnl3PJBkdYi6cfhWgGFf0lAcmmnhduviyA2Zm2L2p/b60e0OhlhSi9BaMf+wMPUEO8zlaskuU16U=; h=Received:Received:Date:From:To:Subject:Message-ID:Mail-Followup-To:References:MIME-Version:Content-Type:Content-Disposition:In-Reply-To:OpenPGP:User-Agent;
- In-reply-to: <20080728212907.GH25396@xxxxxxxxxxxxxxxxx>
- List-post: <mailto:mutt-users@mutt.org>
- List-unsubscribe: send mail to majordomo@mutt.org, body only "unsubscribe mutt-users"
- Mail-followup-to: mutt-users@xxxxxxxx
- Openpgp: id=CA8E235E; url=http://www.memoryhole.net/~kyle/kyle-pgp.asc; preference=signencrypt
- References: <20080728161249.GA9106@localhost> <20080728175800.GE23674@xxxxxxxxxxxxx> <20080728205341.GB15524@localhost> <20080728212907.GH25396@xxxxxxxxxxxxxxxxx>
- Sender: owner-mutt-users@xxxxxxxx
- User-agent: Mutt/1.5.18 (2008-07-21)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Monday, July 28 at 09:29 PM, quoth Michael Kjorling:
> I haven't tried it, but I can't get it out of my head... wouldn't
> sourcing through a pipe something that sets the sensitive stuff
> work?
>
> Something like this:
>
> source "gpg -d sensitivestuff.gpg |"
No. That can't work (but we can salvage this idea). First, let me
explain why it can't work.
Think about it: what does the "source" command tell mutt to do? It
tells mutt "read the file with the following name". Even in situations
where ending an item in a pipe means something to mutt, it means "use
the output of this command in place of this variable whenever you need
it". This is useful for doing things such as "set
signature='fortune|'". That is very similar to "set
signature=`fortune`", with the ONLY difference being that in the first
case (with the pipe), mutt runs the command every time it needs the
value of $signature whereas (in the case of backtics) mutt runs it
only when reading the muttrc file.
With that in mind, re-examine the idea of using "source". Does it make
sense to say "use the output of this command whenever you need the
value of ... source?".
What you're looking for is something like the equivalent of an "eval"
command, instead of "source" (if you've done much shell scripting,
you'll understand the difference), because that's the usual name of a
command meaning "treat the following string as a set of commands, and
execute/evaluate the commands". Unfortunately, mutt doesn't have an
"eval" equivalent---largely because mutt's rc file is not a scripting
language (and probably never will be), even though it sometimes seems
like it is.
That said, there is something to be said for your idea. Check this
out: what you CAN do is get mutt to use a named pipe. Like so (I'm
separating the commands to keep my lines short; you can combine most
of these):
set my_mkfifo=`mkfifo -m 600 ~/.muttfifo`
set my_decryptit=`gpg --decrypt ~/.mutt.gpg -o ~/.muttfifo`
source ~/.muttfifo
set my_cleanup=`rm ~/.muttfifo`
Eh? Eh? Nice, no? ;)
Come to think of it, we could do the same thing with all my temp-file
ideas. And we can even handle MTAs this way:
# this is all one line:
set sendmail="rm -f ~/.msmtprc; mkfifo -m 600 ~/.msmtprc; gpg
--decrypt ~/.msmtprc.gpg -o ~/.msmtprc; msmtp"
~Kyle
- --
Genius may have its limitations but stupidity is not thus handicapped.
-- Elbert Hubbard
-----BEGIN PGP SIGNATURE-----
Comment: Thank you for using encryption!
iEYEARECAAYFAkiOP5gACgkQBkIOoMqOI15G2gCfVPc/1UAVZyVrt3G826OBusVh
NV8AoPQGMirMA1YP6etWragGUXrDNryD
=MOIv
-----END PGP SIGNATURE-----