filepro and the SYSTEM command on SuSE Linux

Kenneth Brody kenbrody at bestweb.net
Fri Nov 9 09:44:34 PST 2007


Quoting Jay R. Ashworth (Fri, 9 Nov 2007 11:12:04 -0500):

> On Fri, Nov 09, 2007 at 09:56:38AM -0500, Nancy Palmquist wrote:
>> Here is the framework:
>>
>> I am logged in as filepro - I run a filePro 5.0 dreport to read the
>> names of the files and do a series of processes on each file, the first
>> of which will decrypt the file and write it to my work folder.
>>
>> I make a command string that looks like this:
>> gpg --passphrase-fd 0 --output
>> /var/appl/cccwork/test_PR1194478701017kptestmetropr05.xml --decrypt
>> /home/cccinfo/test_PR1194478701017kptestmetropr05.xml.pgp <
>> /myblessedpassph.txt
>>
>> I then issue the command using SYSTEM
>>
>> system noredraw pgpcmd  (contents of pfpcmd is shown above)
>>
>> It will not run.

Can you define "will not run"?

If you try this instead, do you see any error messages?

     system noredraw pgpcmd & " ; read junk"

(Press Enter to return to filePro.)

> My two snap responses are
>
> 1) GPG isn't in the path inherited by filepro, as modified by filepro
> itself (Ken: does SYSTEM prune PATH?)

filePro doesn't touch the environment unless you call PUTENV.  The
PATH passed to filePro will be the same PATH passed to SYSTEM.

> 2) GPG purposefully won't accept a redirected passphrase, reading it
> from the terminal rather than standard input?

Test this theory by running the identical command, with the identical
redirected input file, and see what happens.

My additional $0.02:

Does gpg work in a setuid environment?  Does it have access to all
of the files involved?  (What are the permissions on the referenced
files, including the paths to them?)  Does PFSYSEUID=OFF have any
effect?

-- 
KenBrody at BestWeb dot net        spamtrap: <g8ymh8uf001 at sneakemail.com>
http://www.hvcomputer.com
http://www.fileProPlus.com


More information about the Filepro-list mailing list