Decrypting GPG/PGP email messages

Alessandro Bottoni alessandro.bottoni at infinito.it
Thu Sep 1 11:43:19 CEST 2005


I know you will shake you head sadly but... I really have to perform such a
suicidal task (even if for a short time and just for internal use).

I have to send by email (over the open internet) a XML file containing
_system commands_ (yes: the kind of stuff like "rm -dfr /") to a server and
have a Python program sitting on this server, fetching and parsing the
e-mail message and executing the commands (maybe with _root privileges_).

Of course, I want to be sure that only the allowed people is able to send
such dangerous messages to my server so I will ask my users to encrypt and
digitally sign their messages using Thunderbird, Enigmail and GPG as
described in this very fine tutorial:

http://goldenspud.com/webrog/archives/2005/03/10/encrypt-encrypt/

So far, so good, but I still have a couple of doubts about the server side:

1) What would you use to decrypt the messages? The GPG module created by
Andrew Kuchling is declared "incomplete" and "no more maintained" on his
web pages (http://www.amk.ca/python/code/gpg) so I think it is out of the
game. Would you use OpenPGP (http://www.aonalu.net/openpgp/python)? Any
other module?

2) I did not find any mention of _encrypted attachments_ on the Net. Does
anybody know of a tutorial or a guide that explains how to encrypt (with
Thunderbird/Enigmail) and decrypt (with Python) the (ANSI text) files
attached to a email message?

TIA
-----------------------------------
Alessandro Bottoni



More information about the Python-list mailing list