Can I safely put the following rule in my .procmailrc so that it will
execute my own signed mail-order commands and nothing else?

    # 1. check signed exec command with pgp and strip
    #    signature to prevent replay attacks
    :B fbw
    ^^-----BEGIN PGP SIGNED MESSAGE-----$$exec
    | pgp +batchmode -f +pubring=$HOME/.pgp/authorized.pgp

    :a fb   # 2. execute body with /bin/sh
    | sh

    :A fhw  # 3. generate return header
    | formail -r

    :a w    # 4. send result back
    ! -t

There seems to be no better pgp command syntax to have it check that
its input is indeed a message PGP signed by a specific user and have
it not let anything else pass through to stdout or exit(EX_OK=0).

I'd place a keyring with none but the authorized user's public key in
~/.pgp/pubring.pgp so that signature OKs from any other people's
signatures won't give any false positive.

Is this a safe method?
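
The gate the post asks for (pass the signed text to stdout and exit 0 only for a signature from one specific key, otherwise emit nothing and fail) can be built around a verifier's machine-readable status output. The following is an added example, not part of the original post: it swaps in GnuPG and its `--status-fd` lines for PGP 2.6.3i, and the fingerprint, keyring path, 600-second age limit and sample status lines are all constructed assumptions.

```shell
#!/bin/sh
# Added example (not from the post). Uses GnuPG, not PGP 2.6.3i.

# Constructed sample of `gpg --status-fd` output for one good signature.
sample_status() {
    printf '%s\n' \
        '[GNUPG:] NEWSIG' \
        '[GNUPG:] GOODSIG 89ABCDEF01234567 Constructed User <user@example.invalid>' \
        '[GNUPG:] VALIDSIG 0123456789ABCDEF0123456789ABCDEF01234567 2001-09-09 1000000000 0 4 0 1 8 01 0123456789ABCDEF0123456789ABCDEF01234567'
}

# check_status FPR NOW MAX_AGE   (status lines on stdin)
# Succeeds only if there is exactly one VALIDSIG, it names the pinned
# signing-key fingerprint FPR, its epoch timestamp is at most MAX_AGE
# seconds before NOW, and no bad/expired/revoked signature line appears.
check_status() {
    awk -v fpr="$1" -v now="$2" -v max="$3" '
        $1 != "[GNUPG:]" { next }
        $2 ~ /^(BADSIG|ERRSIG|EXPSIG|EXPKEYSIG|REVKEYSIG)$/ { bad = 1 }
        $2 == "VALIDSIG" {
            n++
            age = now - $5
            if ($3 != fpr || $5 !~ /^[0-9]+$/ || age < 0 || age > max) bad = 1
        }
        END { exit (n == 1 && !bad) ? 0 : 1 }
    '
}

# verified_body FPR KEYRING MAX_AGE   (mail body on stdin)
# Writes the signed text to stdout only after the gate passes; otherwise
# writes nothing and returns non-zero.
verified_body() {
    tmp=$(mktemp -d) || return 1
    gpg --batch --no-default-keyring --keyring "$2" --status-fd 3 \
        --output "$tmp/body" --decrypt 3>"$tmp/status" 2>/dev/null
    rc=1
    if check_status "$1" "$(date +%s)" "$3" <"$tmp/status"; then
        cat "$tmp/body" && rc=0
    fi
    rm -rf "$tmp"
    return $rc
}

# Filter mode: script --filter FPR KEYRING [MAX_AGE]
if [ "${1:-}" = "--filter" ]; then
    verified_body "$2" "$3" "${4:-600}"
fi
```

Run in filter mode, the script would take the place of the `| pgp +batchmode -f ...` line in the first recipe. The age limit only narrows the window in which a captured message can be resent; it does not detect a resend inside that window.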