[pass] Simple password store
dashohoxha at gmail.com
Mon Feb 1 11:33:40 CET 2016
On Fri, Jan 29, 2016 at 5:11 PM, Kevin Lyda <kevin at ie.suberic.net> wrote:
> On Fri, Jan 29, 2016 at 3:16 PM Dashamir Hoxha <dashohoxha at gmail.com>
>> On Fri, Jan 29, 2016 at 11:16 AM, Kevin Lyda <kevin at ie.suberic.net>
>>> I have no idea why you want to do this since your shell already has
>>> completion. Not sure of the win here.
>> I want to ask user for the passphrase only once, save it in a variable,
> I'll admit it, I lied. I guessed you were going to do something like that.
> Just so I can sleep at night with a clean conscience, you're aware that is
> a horribly bad idea to do, yes? There's a good chance your password could
> end up in a swap file or in a core file. A root user can just do "ps
> auxwwe". And I assume you're passing that password in via the command line
> so a well timed ps by *any* user will get your password.
Now I am passing the passphrase from stdin, using the option
`--passphrase-fd 0` of gpg:
After trying lots of other things, I was lucky to find this:
I think that at least "ps auxwwe" is not an issue now. Is it?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Password-Store