oss-sec mailing list archives

Re: distros & linux-distros embargo period and message format

From: Michael Gilbert <michael.s.gilbert () gmail com>
Date: Fri, 3 Feb 2012 23:20:35 -0500

2012/2/3 Solar Designer:

On Fri, Feb 03, 2012 at 10:00:24PM -0500, Michael Gilbert wrote:

On Fri, Feb 3, 2012 at 8:45 PM, Solar Designer wrote:

Yet the delay itself matters too.  There are different opinions as to
whether it is "the important aspect" or not.


That's why I think its more appropriate to defer such decisions to the
researcher who understands the complexity of the problem at hand (of
course hopefully allowing negotiation with those affected to choose a
disclosure date that can be met).


That's what we have now, right?

[...] I need a tool - a program to mass-decrypt a
PGP/MIME mbox, producing another mbox.  I think such a program might be
generally useful.  Well, or alternatively I need to introduce a
different mechanism for the archive - not treat it as a regular
subscriber like I intended to.


Completely unfleshed out, but a pseudo-bash script along the lines of
the following should do it:

  echo "" > newmbox
  gpg-agent --allow-preset-passphrase
  /usr/lib/gnupg2/gpg-preset-passphrase --preset <cache id>
  cat mbox | while read line; do
      test <header> && echo $line >> /tmp/header
      test <body> && echo $line >> /tmp/body
      if [ <end off body> ]; then
          cat /tmp/header >> newmbox
          cat /tmp/body | gpg --decrypt >> newmbox
      fi
  done
  /usr/lib/gnupg2/gpg-preset-passphrase --forget

Obviously a bit more work there to figure out appropriate conditionals
to put in the angle brackets.


Unless I am missing something, this doesn't handle MIME at all - so it
won't do the trick.


I was trying to keep it simple.  I got the impression that your
concern was potentially needing to enter a passphrase to individually
decrypt each message.  Anyway, just throw in the appropriate munpack
calls above to handle the mime parts.

Best wishes,
Mike

Current thread:

Re: distros & linux-distros embargo period and message format, (continued)
- - - Re: distros & linux-distros embargo period and message format Solar Designer (Feb 01)
    - Re: distros & linux-distros embargo period and message format Kurt Seifried (Feb 01)
    - Re: distros & linux-distros embargo period and message format Marc Deslauriers (Feb 01)
    - Re: distros & linux-distros embargo period and message format Solar Designer (Feb 01)
    - Re: distros & linux-distros embargo period and message format Kurt Seifried (Feb 01)
    - Re: distros & linux-distros embargo period and message format Solar Designer (Feb 01)
    - Re: distros & linux-distros embargo period and message format Michael Gilbert (Feb 03)
    - Re: distros & linux-distros embargo period and message format Solar Designer (Feb 03)
    - Re: distros & linux-distros embargo period and message format Michael Gilbert (Feb 03)
    - Re: distros & linux-distros embargo period and message format Solar Designer (Feb 03)
    - Re: distros & linux-distros embargo period and message format Michael Gilbert (Feb 03)
    - Re: distros & linux-distros embargo period and message format Solar Designer (Feb 03)
  - Re: distros & linux-distros embargo period and message format Thomas Klausner (Feb 01)
    - Re: distros & linux-distros embargo period and message format Solar Designer (Feb 01)