hi everyone, I've had a "perfect storm" of cable modem crashes (must move to DSL I think), new laptop (12" good, 15" much better! :), and many travels but I wanted to thank everyone for the advice since I posted this request a week or so ago.
I think Nick is on the right track with the applescript -- no reason really not to take advantage of it -- but even the 'simpler' suggestions are good ones. I guess in large part it depends on the physical security of the actual computer and the ultimate sensitivity of the data being stored.
I'm going to play around with this idea and see how it works... cheers Paul
On 3 Mar 2005, at 09:18, Nick Hristov wrote:
This is good... for a start.
alright some dark scripting magic below (enter this EXACTLY as it is below, including newlines):
openssl enc -e -aes128 -base64 -pass:`osascript -e "set answr to "" tell app "Finder" activate display dialog "Please enter your secret magic word:" default answer answr buttons{"OK"} default button 1 set answr to text returned of the result return the answr end tell "`
Please also note that the example that Alan gave is somewhat inaccurate in how it handles base64 encodings. I do not have the time right now to resolve this issue (will play with it tonight and send you the actual decryption command too). Now you do not have to worry about environmental variables or TM preferences security (btw. the security implications now are that nobody should be doing a process list on your system at the time of the encryption... that could compromise the password, but the timing must be very accurate).
Now, who in this forum said that Applescript is useless and did not want to implement it in TM ;) ?
Nick
On Feb 26, 2005, at 8:53 AM, Allan Odgaard wrote:
On Feb 26, 2005, at 15:15, Paul Nordstrom August wrote:
What I would like is an on-the-fly encryption -- i.e. select the text and run a command to encrypt it (with a pre-set password). Then I could store bank data etc securely.
You can set the password as a custom shell variable for TextMate, go to preferences / advanced (name it e.g. TM_PASSWD). Then use this command to encrypt input (which you'd probably set to “selected text”) as AES-128: openssl enc -e -aes128 -base64 -pass env:TM_PASSWD
To decrypt the block again, use this command: openssl enc -d -aes128 -base64 -pass env:TM_PASSWD
Anyone who has access to your TextMate preferences file would be able to read the password. If this is sufficient security, then I'd suggest the above. You could also provide the password directly to the command using: “-pass pass:<password>”, this is less secure than the variable because other processes running on your machine might be able to intercept launch arguments.
If you need better security, you could have the command ask for the password (e.g. using an applescript dialog) and maybe cache it in a file (readable only by current user) and maybe even have that file removed after n minutes.
For new threads USE THIS: textmate@lists.macromates.com (threading gets destroyed and the universe will collapse if you don't) http://lists.macromates.com/mailman/listinfo/textmate
For new threads USE THIS: textmate@lists.macromates.com (threading gets destroyed and the universe will collapse if you don't) http://lists.macromates.com/mailman/listinfo/textmate