hi everyone,
I've had a "perfect storm" of cable modem crashes (must move to DSL I
think), new laptop (12" good, 15" much better! :), and many travels but
I wanted to thank everyone for the advice since I posted this request a
week or so ago.
I think Nick is on the right track with the applescript -- no reason
really not to take advantage of it -- but even the 'simpler'
suggestions are good ones. I guess in large part it depends on the
physical security of the actual computer and the ultimate sensitivity
of the data being stored.
I'm going to play around with this idea and see how it works...
cheers
Paul
On 3 Mar 2005, at 09:18, Nick Hristov wrote:
This is good... for a start.
alright some dark scripting magic below (enter this EXACTLY as it is
below, including newlines):
openssl enc -e -aes128 -base64 -pass:`osascript -e "set answr to \"\"
tell app \"Finder\"
activate
display dialog \"Please enter your secret magic word:\" default answer
answr buttons{\"OK\"} default button 1
set answr to text returned of the result
return the answr
end tell
"`
Please also note that the example that Alan gave is somewhat
inaccurate in how it handles base64 encodings. I do not have the time
right now to resolve this issue (will play with it tonight and send
you the actual decryption command too). Now you do not have to worry
about environmental variables or TM preferences security (btw. the
security implications now are that nobody should be doing a process
list on your system at the time of the encryption... that could
compromise the password, but the timing must be very accurate).
Now, who in this forum said that Applescript is useless and did not
want to implement it in TM ;) ?
Nick
On Feb 26, 2005, at 8:53 AM, Allan Odgaard wrote:
On Feb 26, 2005, at 15:15, Paul Nordstrom August
wrote:
What I would like is an on-the-fly encryption --
i.e. select the
text and run a command to encrypt it (with a pre-set password). Then
I could store bank data etc securely.
You can set the password as a custom shell variable for TextMate, go
to preferences / advanced (name it e.g. TM_PASSWD). Then use this
command to encrypt input (which you'd probably set to “selected
text”) as AES-128:
openssl enc -e -aes128 -base64 -pass env:TM_PASSWD
To decrypt the block again, use this command:
openssl enc -d -aes128 -base64 -pass env:TM_PASSWD
Anyone who has access to your TextMate preferences file would be able
to read the password. If this is sufficient security, then I'd
suggest the above. You could also provide the password directly to
the command using: “-pass pass:<password>”, this is less secure than
the variable because other processes running on your machine might be
able to intercept launch arguments.
If you need better security, you could have the command ask for the
password (e.g. using an applescript dialog) and maybe cache it in a
file (readable only by current user) and maybe even have that file
removed after n minutes.
______________________________________________________________________
For new threads USE THIS: textmate(a)lists.macromates.com
(threading gets destroyed and the universe will collapse if you don't)
http://lists.macromates.com/mailman/listinfo/textmate
______________________________________________________________________
For new threads USE THIS: textmate(a)lists.macromates.com
(threading gets destroyed and the universe will collapse if you don't)
http://lists.macromates.com/mailman/listinfo/textmate