[pass] copying usernames and urls
Matthieu Weber
mweber at free.fr
Tue Apr 29 18:33:03 CEST 2014
On Tue 29.04.2014 at 05:34:40PM +0200, René Neumann wrote:
> Am 29.04.2014 17:17, schrieb Alfredo Pironti:
> >>
> >> If this is your point, doesn't the problem exist anyway? It can happen
> >> the same, even if the command is not part of pass but external (or a
> >> shell pipeline ...). The only reasonable thing here would be to have
> >> educated users who 'know what they are doing' (i.e. for the example
> >> above see the problem and change the pwd accordingly).
> >>
> >
> > I think it's a matter of separation of concerns (or "who to blame?").
> > Sticking to Unix philosophy, each tool is good at doing one (its) thing.
> > So if the firefox plugin uses a specific format and at some point fails
> > in parsing it, you can blame the plugin rather than pass. Pass is kept
> > simple and audited for its core tasks.
Then I would suggest to split pass into a backend tool that stores
passwords as encrypted files, but makes no assumption whatsoever about
the content of the files, and a frontend tool that makes some
assumptions about the content (such as "the password is on the firt
line") and provides more advanced services (like copying the password to
the clipboard). Commands that are not understood by the frontend are
then delegated to the backend.
As such, the FF plugin is just another frontend, and the menu-based tool
yet another frontend. The problem of course would be to have a file
format that can be understood by several different frontends.
Alternatively, what I described as frontends could, in the case of
text-based tools, be implemented as plugins into the current tool. This
would of course increase the complexity of the tool, something that
Jason has fought very hard on this list.
Matthieu
--
(~._.~) Matthieu Weber - mweber at free.fr (~._.~)
( ? ) http://weber.fi.eu.org/ ( ? )
()- -() public key id : 0x85CB340EFCD5E0B3 ()- -()
(_)-(_) "Humor ist, wenn man trotzdem lacht (Otto J. Bierbaum)" (_)-(_)
More information about the Password-Store
mailing list