[pass] [PATCH] Allow custom subcommands

Sylvain Viart sylvain at opensource-expert.com
Tue Oct 4 06:45:35 CEST 2016


Hi Thorsten,

On 03/10/2016 at 19:30, Thorsten Wißmann wrote:
>> > Is the GPG web of trust sure enough to allow a co-signing script to enable
>> > such signed plugins?
> I don't understand your question. But are you asking how my patch could
> be extended to call only 'signed' extensions?

It was, yes.
I also mentioned the "web of trust" behavior of GPG, which is nice but
complicated, just to see if some readers are involved in such reflection… ;-)

> If some bad guy has write access to some directory in $PATH and wants to
> take over your password store, then the bad guy can simply add a
> malicious `pass` executable and the user would not notice.

Pass itself could be signed. By the user at init.
I was thinking more about installing a malicious plugin, not about having
something malicious inside your computer.
I don't think that a password manager can be used on a shared system,
with shared memory or processes…
It is only designed to work on a personal computer. (I never thought
about that before but…)

> I.e. I don't think `pass` should do something like signing of program
> code. It's some separate problem to check if the programs in your $PATH
> are trustworthy or not.

I see your point, you may be right. I just emailed the reference about
signing plugins to let you know.

I have not tested your plugin yet…
I like the logic, like git or rvm.

Regards,
Sylvain.


-- 
Sylvain Viart - Linux system DevOps - freelance developer
