Zsh Mailing List Archive
Messages sorted by: Reverse Date, Date, Thread, Author

Re: Commands with passwords as options



OK, but at least it is hidden from the shell "UI". Take it as
"man-looking-over-your shoulder" protection :-) For example you show
something to  someone, you do a backward history search and a command with a
clear text password you forgot to exclude from history pops out...

2011/2/1 Mikael Magnusson <mikachu@xxxxxxxxx>

> On 1 February 2011 22:15, Julien Nicoulaud <julien.nicoulaud@xxxxxxxxx>
> wrote:
> > Some commands take passwords as option values, which is not very
> secure... I
> > was wondering if there is some way to handle that, for example through a
> > custom completer. Ideally, I here is how it should behave:
> >  - When reaching an option which expected value is a password, prompt for
> it
> > and read it from stdin
> >  - Do not display it in the buffer (just replace it with "XXXX" for
> example)
> >  - When accepting the buffer, replace the displayed buffer with the real
> one
> >  - Save the displayed buffer in the history rather than the real one
> >
> > Does anyone have an idea on how to achieve this ?
>
> That doesn't actually achieve anything, the password is still visible
> in /proc/<pid>/cmdline.
>
> --
> Mikael Magnusson
>


Messages sorted by: Reverse Date, Date, Thread, Author