[PATCH] stop using pwgen
Tobias Girstmair
junkgir-passwd at yahoo.de
Sun Dec 18 15:49:18 CET 2016
Antoine Beaupré <anarcat at debian.org> schrieb am 0:40 Sonntag, 18.Dezember 2016:
> I believe that "head", "base64" and "tr" are UNIX tools.
true. I'd still prefer a tool made for something like that.
> to be fair, it is much better than it was now. i don't think there are
> any known vulnerabilities in pwgen at this point
exactly. `pwgen` also has the advantage of being widely used (therefore vulns get found),
our 'home brew' base64/tr/whatever version won't get that same amount of scrutiny.
More information about the Password-Store
mailing list