Zsh Mailing List Archive
Messages sorted by: Reverse Date, Date, Thread, Author

Re: Commands with passwords as options



On 2/1/11, Julien Nicoulaud <julien.nicoulaud@xxxxxxxxx> wrote:
> Some commands take passwords as option values, which is not very secure... I
> was wondering if there is some way to handle that, for example through a
> custom completer. Ideally, I here is how it should behave:
>  - When reaching an option which expected value is a password, prompt for it
> and read it from stdin
>  - Do not display it in the buffer (just replace it with "XXXX" for example)
>  - When accepting the buffer, replace the displayed buffer with the real one
>  - Save the displayed buffer in the history rather than the real one
>
> Does anyone have an idea on how to achieve this ?
>
> Regards,
> Julien
>

This strikes me as something that's so insecure that it should LOOK
insecure.  Hiding it in the history file is ok, but if the password is
hidden on the command line the user will assume it's being hidden in
other ways, when that's not actually possible.
-- 

-PJ



Messages sorted by: Reverse Date, Date, Thread, Author