[pass] Extending pass with user-defined hooks / add ons

bateast bateast at bat.fr.eu.org
Wed Oct 7 13:30:03 CEST 2015


Lenz Weber <mail at ...> writes:

> 
> As an alternative suggestion to my patch from yesterday.
> 
> This one does not trust the keys in the users ~/.password-store/.gpg-id,
> but it relies on the gpg key owner trust.
> 
> This has an upside and a downside:
> - on the upside, gpg ownertrust is configured outside of the
> ~/.password-store git's reach, further separating signature and "who is
> allowed to sign".
> - on the downside, key ownertrust just means "how much do you trust
> someone that he really verifies keys", not "how much do you trust
> someones code". So the required ownertrust should be limited to
> ULTIMATE, which should not be used for any keys but one's own. Then it
> should be okay.
> This could, however lead to users trusting others ultimately out of
> laziness or misconception, so I'm not sure if this is the way to go :/
> 

Hi all,

I find that a subcommands capability is a must-have. Syncing them with git is very useful (hence subcommands in a pass subfolder). I am waiting for the patch integration as soon as possible.
I understand that a subcommand should be available only if it has been signed by the user.

My guess is that the user should be led to review and sign the subcommand when he tries to use it (and has not already signed it).
BTW, a general /sign/ function would also be useful in a multi-user environment to prevent malicious modification of a password or metadata.

Subcommand prompt could be something like:
$ pass totp Web/google/account at google.com
> You have not signed totp subcommand. Please review
$PREFIX/$SUBCOMMAND_FOLDER/totp file.
> Already signed by Xxxx Yyyyy, key KKKKKKK trusted ....
> Already signed by Zzzzzz Aaaa, key LLLLLLL trusted ....
> Do you want to sign totp subcommand? [yN]: y
[gpg sign result appended to totp.sig and committed]
> You have signed totp. Running pass totp Web/…
[totp subcommand]
> 865452

Although, like I said, I think that a full /sign/ command for any password-store entry shall exist, added as an option to /pass insert, generate/, with its status appended to /pass show/ output.

Thank you for the work,

~^v^~ Bat.
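The check the thread is circling around (a detached signature next to each subcommand, accepted only when the signer's key carries ULTIMATE ownertrust, with a prompt to review and sign otherwise) can be sketched in shell, since pass itself is a bash script. The block below is an added example and is not pass's own code nor anything either poster wrote. It assumes an extension layout of its own choosing ("$PREFIX/.extensions/<name>" with "<name>.sig" beside it, in place of the post's $PREFIX/$SUBCOMMAND_FOLDER), uses gpg's machine-readable status lines as named in GnuPG's doc/DETAILS, and the status transcript it parses at the end is constructed, not captured from a real run.

```shell
#!/bin/sh
# Added example, not pass's own code: gate a pass extension behind a detached
# gpg signature whose signer has ULTIMATE ownertrust (the policy argued for in
# the quoted message).  Layout and function names are this example's own.

# ext_policy_from_status: read "gpg --status-fd" lines on stdin and print one
# of: allow | unknown-key | bad-signature | no-signature | untrusted-signer.
# Exit status is 0 only for "allow".  Line names follow GnuPG's doc/DETAILS.
ext_policy_from_status() {
    goodsig=0; validsig=0; ultimate=0; bad=0; nokey=0
    while IFS= read -r line; do
        case "$line" in
            "[GNUPG:] GOODSIG "*)       goodsig=1 ;;
            "[GNUPG:] VALIDSIG "*)      validsig=1 ;;
            "[GNUPG:] TRUST_ULTIMATE"*) ultimate=1 ;;   # "TRUST_ULTIMATE 0 pgp" on newer gpg
            "[GNUPG:] NO_PUBKEY "*)     nokey=1 ;;
            "[GNUPG:] BADSIG "*|"[GNUPG:] EXPKEYSIG "*|"[GNUPG:] REVKEYSIG "*|"[GNUPG:] ERRSIG "*)
                                        bad=1 ;;
        esac
    done
    # Missing key is reported together with ERRSIG; name the root cause first.
    if [ "$nokey" -eq 1 ]; then echo unknown-key; return 1; fi
    if [ "$bad" -eq 1 ]; then echo bad-signature; return 1; fi
    if [ "$goodsig" -eq 0 ] || [ "$validsig" -eq 0 ]; then echo no-signature; return 1; fi
    # A good signature from a merely FULLY/MARGINALLY trusted key is not enough:
    # ownertrust says how well someone verifies keys, not whether to run their code.
    if [ "$ultimate" -eq 0 ]; then echo untrusted-signer; return 1; fi
    echo allow
    return 0
}

# ext_signer_fpr: print the primary-key fingerprint of the signer (last field of
# the VALIDSIG line) so the caller can show "Already signed by ... key ...".
ext_signer_fpr() {
    awk '/^\[GNUPG:\] VALIDSIG /{print $NF}'
}

# sign_extension: the "Do you want to sign?" step from the proposed prompt.
sign_extension() {
    gpg --batch --yes --detach-sign --output "$1.sig" "$1"
}

# run_signed_extension SCRIPT [ARGS...]: verify SCRIPT against SCRIPT.sig and
# run it only when the policy says allow.  Prompts to sign when unsigned.
run_signed_extension() {
    script="$1"; shift
    sig="$script.sig"
    command -v gpg >/dev/null 2>&1 || { echo "gpg not found" >&2; return 2; }
    if [ ! -f "$sig" ]; then
        echo "You have not signed $script. Please review it first." >&2
        printf 'Do you want to sign it? [yN]: ' >&2
        IFS= read -r answer
        [ "$answer" = y ] || return 1
        sign_extension "$script" || return 1
    fi
    # --status-fd 1 puts the machine-readable lines on stdout; human output goes to stderr.
    status=$(gpg --batch --status-fd 1 --verify "$sig" "$script" 2>/dev/null)
    policy=$(printf '%s\n' "$status" | ext_policy_from_status) || {
        echo "refusing to run $script: $policy" >&2; return 1; }
    echo "signed by key $(printf '%s\n' "$status" | ext_signer_fpr), running" >&2
    bash "$script" "$@"   # pass extensions are bash scripts
}

# Constructed status transcript (not captured from a real gpg run) showing the
# shape of a successful verification by an ultimately trusted key.
SAMPLE_STATUS_ALLOW='[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 0123456789ABCDEF Example Signer <signer@example.org>
[GNUPG:] VALIDSIG 0123456789ABCDEF0123456789ABCDEF01234567 2015-10-07 1444217403 0 4 0 1 10 00 0123456789ABCDEF0123456789ABCDEF01234567
[GNUPG:] TRUST_ULTIMATE 0 pgp'

echo "constructed sample -> $(printf '%s\n' "$SAMPLE_STATUS_ALLOW" | ext_policy_from_status)"
```

The decision is made on gpg's status lines rather than on its exit status because `gpg --verify` exits 0 for any good signature, regardless of the signer's ownertrust; the TRUST_* line is the only place that information surfaces.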
