In article <55abddd692alan.dawes@xxxxxxxxxxxxx>,
Alan Dawes <alan.dawes@xxxxxxxxxxxxx> wrote:
[Snip]
I've not used !Infozip on RiscOS but the routines for password encrypting
and decrypting are in the latest !Infozip 3.07 on Harriet's site:
http://www.starfighter.acornarcade.com/mysite/utilities.htm
but you may need to go to the command line to use them.
The !Infozip.Routines.unzip/txt in her version says:
"-P password use password to decrypt encrypted zipfile entries (if
any). THIS IS INSECURE! Many multi-user operating
systems provide ways for any user to see the current
command line of any other user; even on stand-alone
systems there is always the threat of over-the-shoulder
peeking. Storing the plaintext password as part of a
command line in an automated script is even worse.
Whenever possible, use the non-echoing, interactive
prompt to enter passwords.
(And where security is truly important, use strong
encryption such as Pretty Good Privacy instead of the
relatively weak encryption provided by standard zipfile
utili- ties.)"
and in !Infozip.Routines.zip/txt says:
"-P password
--password password
Use password to encrypt zipfile entries (if any). THIS IS
INSECURE! Many multi-user operating systems provide ways for
any user to see the current command line of any other user;
even on stand-alone systems there is always the threat of
over-the-shoulder peeking. Storing the plaintext password as
part of a command line in an automated script is even worse.
Whenever possible, use the non-echoing, interactive prompt to
enter passwords. (And where security is truly important, use
strong encryption such as Pretty Good Privacy instead of the
relatively weak standard encryption provided by zipfile
utilities.)"
Alan
