[pass] [RFC][PATCH] create a default .gitignore for pass if not exists
eirc
eirc.eirc at gmail.com
Fri Sep 19 16:35:59 CEST 2014
Hey, I tried adding a gitignore like this one but the problem is that the
way gitignore works it only "unignores" gpg files in the root folder, which
is very problematic. Probably the second solution of just using pass code
to check extensions (and maybe contents) would be better.
On Mon, Aug 25, 2014 at 6:47 PM, Tobias V. Langhoff <tobias at langhoff.no>
wrote:
> On Mon, Aug 25, 2014 at 1:54 PM, Justus <justus.seifert at cloudandheat.com>
> wrote:
> > Hello pass devs,
> > I noticed that some users accidentally commit plain text passwords to
> > shared repositories, because they sometimes use editors and gpg without
> > invoking pass. to remedy this problem, which leads to security
> > problems, I propose this patch that would prevent accidental commit of
> > unencrypted files in the password store
>
> This is a good idea! I also think that pass should at some point,
> perhaps during commit, let the user know that there are weird files in
> their tree. Their mere existence is a security problem.
>
> --
> Tobias V. Langhoff
> _______________________________________________
> Password-Store mailing list
> Password-Store at lists.zx2c4.com
> http://lists.zx2c4.com/mailman/listinfo/password-store
>
--
Errikos Koen,
Web Developer / Software Engineer
www.pamediakopes.gr
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20140919/a27dc52d/attachment.html>
More information about the Password-Store
mailing list