[pass] [PATCH 2/2] clip: add GPaste support
Jason A. Donenfeld
Jason at zx2c4.com
Mon May 11 14:10:44 CEST 2015
On Mon, May 11, 2015 at 2:03 PM, Marc-Antoine Perennou <
Marc-Antoine at perennou.com> wrote:
>
> I don't really understand your comment about /proc/$PID/cmdline. Where
> is it used?
>
When you call "gpaste insert-password super-secret-password", everybody can
see your password for a split second in "ps" output.
>
> GPaste has built-in support for managing password, so why would you
> want to just nuke the whole history of the user instead of making use
> of this feature?
>
Can it be used safely?
>
> Or what you mean is that passing the password as an argument is the
> problem? If this is the problem, I don't see how "echo password |
> xclip" is any better.
>
echo is a bash built-in, and thus its arguments will not show up in
/proc/*/cmdline, as it does not spawn a new process.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20150511/9f341d78/attachment-0001.html>
More information about the Password-Store
mailing list