1) Your sysadmin can assuredly get around this too if he wants, and get at your mail even before procmail does. As a general rule of thumb, the sysadmin can do anything. But getting aroudn this would definitely be more dificult then simply reading your /spool/mail file.
True, but I don't know if he'd think of this one...
As long as you are aware of the risks and accept them.. no problem. But "I don't know if he'd think of this" is hardly cryptographically secure..
I'm curious - all the stuff that comes with PGP says to not let your secret key /pass phrase out of your sight, but why is it necessary to guard your secret key so carefully? After all, you have to type your pass phrase to use the secret key, so without the pass phrase, the secret key is useless, isn't it? I mean, besides just destroying it...
Well no.. without the secret key file, you have to factor the public modulus to find the secret key. We all know how are that is.. if he already has the encrypted key file though... then he just has to guess your password. Far less work, unless of course you picked a pass phrase a few hundred letters long. In general, it is impossible to achieve total security on a multi-user system unless you are the sysadmin yourself. You either have to forget it entirely or decide what risks you're willing to take and what risks you're not. Good luck. -- Baba baby mama shaggy papa baba bro baba rock a shaggy baba sister shag saggy hey doc baba baby shaggy hey baba can you dig it baba baba E7 E3 90 7E 16 2E F3 45 * 28 24 2E C6 03 02 37 5C Stuart Smith <stu@nemesis.wimsey.com>