At 11:54 AM 4/13/2004, Rob wrote:
> -----Original Message-----
> From: fetchmail-friends-admin(_at_)lists(_dot_)ccil(_dot_)org
> [mailto:fetchmail-friends-admin(_at_)lists(_dot_)ccil(_dot_)org] On Behalf Of
> Evan Cooch
>
> I suspect this is an FAQ of sorts, but couldn't find an
> explicit answer to
> this one (if it exists, please set flame-throwers to 'singe only').
I'm pretty sure this is a FAQ, however...
Indeed - it is, but the answer as posted at
http://catb.org/~esr/fetchmail/fetchmail-FAQ.html is pretty hieroglyphic.
In my experience, learned folks with lots of experience can often provide
more succinct answers.
The short answer is, no.
Thats succinct enough. :-)
The longer answer is - you can't win this one. If you go with PGP
you'll need to embed the pass phrase (or use a null one), which gains
you nothing. If you use reversible encryption, the code is in the
source and writing a decryptor would be trivial.
All you can do is trust those with access to the root account as only
root or the owner of the file can read it.
Fair enough. Makes good sense - I guess I'm just surprised that security is
based on 'trust'. Since I'm the only one with root access on the local
mailhost, I guess I'll be fairly comfortable.