LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 08-23-2005, 06:57 AM   #1
emuub
Member
 
Registered: Oct 2003
Location: North London, UK
Distribution: Fedora 14
Posts: 54

Rep: Reputation: 16
Question GnuPG - best permissions & security of decrypted file - help please


Using FC4. Opera browser, Opera M2 email client. OpenOffice 2beta
========
and GnuPG as a newbie.

I believe I understand the basics of GnuPG and have created the appropriate keys etc - for that all is ok BUT

Firstly:
Can someone please let me know what permissions should be set.
It is set up to be used by either root or a user but I am not sure of the best way to set permissions for optimum security.

Second:
When a file (e.g. an OoO spreadsheet) is decrypted it is put into an insecure folder - is this correct ! Where should I decrypt to ?

Third:
Not strictly GPG but related; If I open the spreadsheet it will create a temporary file somewhere. How do I ensure that the temporary file is wiped (not just deleted) after use ?

Mike
 
Old 10-14-2005, 05:28 PM   #2
jonaskoelker
Senior Member
 
Registered: Jul 2004
Location: Denmark
Distribution: Ubuntu, Debian
Posts: 1,524

Rep: Reputation: 46
Regarding permissions: set it to 700; Of course, root can always read it, so don't decrypt anything unless you trust root enough.

`Secure folders': give them 700 too.

Secure deletion of temporary files: make a hard link to them (so they won't get unlinked by the creating program), wait for the refcount to go to 1, then shred(1) the file. Don't allow other users to tamper with the hard link, of course.

If the program unlinks the directory entry after creating the temporary file, you're screwed though

hth --Jonas
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
vsftpd & anonymous file permissions uncfleece Linux - Networking 2 01-01-2007 08:14 AM
GnuPG file decrypting rblampain Linux - Security 4 08-11-2005 12:12 AM
set file permissions for 100 directories & its files cevjr Linux - Security 6 01-06-2005 10:23 AM
File & directory permissions waynevnc Debian 5 07-06-2004 02:29 PM
file & dir permissions lnxDE Linux - Newbie 2 05-27-2002 02:48 AM


All times are GMT -5. The time now is 09:02 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration