dump all content
jean.rblt at gmail.com
Fri Apr 10 19:57:13 CEST 2020
Ok, so we have basically 2 options so far if I understand correctly:
$ pass grep .
and probably some $ pass grep . > SOME_FILE and then print SOME_FILE
if one wants to print it out.
This works perfectly. The format is a bit different, but this is no
worries at all. I suppose pass grep . is safe 'by design' as it goes
straight into terminal (?). Then people may do whatever they want with
this, including dumping to a file on permanent storage for printing
unfortunately which may be unsafe. So for somebody wanting to print
the passwords, that may be easy but also quite unsafe especially if
the home folder is not encrypted, right?
the script provided, that should create a tmpfs storage for safety. I
have a problem with this on my machine to get it to work as is as my
tmp is not a tmpfs, but I could of course fix it. It looks a bit
redundant with the grep . on several aspects though.
Therefore, it seems that there is not real satisfactory solution at
the moment that make it easy for the user to take 'safe' choices if
they want to dump to a file the passwords for printing, right?
Would it then be a good idea maybe to create a new command to dump to
file? Something that would 1) create a new tmpfs partition 2) dump
there 3) delete automatically the partition after a while to make sure
it disappears? What about something like (this may be bad / very
naive, feedback welcome):
$ pass dump
doing something in this kind:
sudo mount -t tmpfs -o size=128m tmpfs /tmp/password-store-dump
pass grep . > /tmp/password-store-dump/dump.txt
echo "dump available at: /tmp/password-store-dump/dump.txt; will be
cleaned in 15 minutes"
(sleep 900; sudo umount -l /tmp/password-store-dump) &
Would it be reasonable to provide a function in this kind to the user?
Then would it be safe to just open the file and print it (of course
the user still needs to remember to reset / clean the printers memory,
but this is another story)?
More information about the Password-Store