[pass] [RFC][PATCH] create a default .gitignore for pass if not exists
Tobias V. Langhoff
tobias at langhoff.no
Mon Aug 25 17:47:31 CEST 2014
On Mon, Aug 25, 2014 at 1:54 PM, Justus <justus.seifert at cloudandheat.com> wrote:
> Hello pass devs,
> I noticed that some users accidentally commit plain text passwords to
> shared repositories, because they sometimes use editors and gpg without
> invoking pass. to remedy this problem, which leads to security
> problems, I propose this patch that would prevent accidental commit of
> unencrypted files in the password store
This is a good idea! I also think that pass should at some point,
perhaps during commit, let the user know that there are weird files in
their tree. Their mere existence is a security problem.
--
Tobias V. Langhoff
More information about the Password-Store
mailing list