make sure that you are protected from replay attacks. a good idea would be to make the server to send cookies by request of the remote user (you can limit the number of people to whom the server sends cookies) and make sure that messages without the latest cookie will NOT be executed. igor bryce@digicash.com wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Here's an idea that I always wanted to implement but never did yet. I thought I'd share and if someone else has already done it let me have a copy.
I should be able to execute scripts remotely by sending e-mail to an account. Simple mail-handling scripts at that account should check the PGP signature (and timestamp/counter to prevent replay/delay attacks) and then pass the contents to a full script-language interpreter.
Perl is a natural choice of interpreter. Has anybody implemented this (hopefully complete with replay/delay prevention)?
Thanks!
Bryce
P.S. No, actually I can't think of any good use for this trick. But maybe if I had it I would find good uses for it.
-----BEGIN PGP SIGNATURE----- Version: 2.6.2i Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.1b2
iQB1AwUBMd7FIEjbHy8sKZitAQHhRQMAmZoekRgmUKSYv89/QrkzRFdTUZLZHK8a tlaXLtyJXrOjajxJRVvXWY7Rum6mVXe/4eHTPCGzzWQdXMJB/TJSQeRmTuSiSd9i 0DtWcQSmP4q5AFor48NtNvqAOEonf5Vi =My90 -----END PGP SIGNATURE-----
- Igor.