Re: SDI: Secure Semantic Data Injection

X-seq: zsh-users 30667

From: Jessica Mulein <jessica@xxxxxxxxxxxxxxxxxxx>

To: "zsh-users@xxxxxxx" <zsh-users@xxxxxxx>

Subject: Re: SDI: Secure Semantic Data Injection

Date: Sun, 17 May 2026 16:44:34 -0700

Arc-authentication-results: i=1; mx.google.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=VmTpGvufFqwMmm4hAmWZjpL/dmAxz3TxmWiuEV6GYkk=; fh=nDMzGVm/6HsVcUjFw4xtNc2BjkZGcQK4Bzb7T/VlJlE=; b=jrJRBnZnMUOTTvkNj1ACktOYKsw7Zqm9P0qWQlpJSb5SkD0UVNMQyRtr+DtLiz6XOQ s37B0pLt9XvfNKfb0354dOX/2yGVJ46Tye+V7NCMxH7iO/OpRo/lJPM6v6x8ptrFPuGO 6MIvE6L/tdkilIYJ96SYLN2eMpgtiXavjiVc342kjqvNRV89hC9iHbzaDeW1W2xBcPCL KBlRmVaXeWShngzO6Ofgdx76qrnry01lKyU2S4803XUtwqARPtUJNvZscJY2GMBQPgTi wnSAJ/jwy3s/1DnetBjfzbKO9nf6sMZyNaXwnG3Ik1HrkUCXYFIgKpk282H/cgjxkRB6 tCBQ==; darn=zsh.org

Arc-seal: i=1; a=rsa-sha256; t=1779061486; cv=none; d=google.com; s=arc-20240605; b=ZetT17hdoHmKuSEq3HLJw868kZ1AByCtZrQmKneHko9sviaVruYn0MtCQza35rDLX/ 0KY7WxWAInAoST0gq0r6pL+rKxPkkbA7pu2wbrlB8uRFawgYicAtfuj/1AYNFtLoh7FP YX8+lEdviLOMmf7NPhNhDQMAtCkH1FgqxRyHrbJPA2/ghLdwv4wWdmlqfIZxT+Hoindq aFWGvBNnEIL8ugxqnOGZvcEdUkThkX+/78CYRs/V7KN5yB6gb2PtDvpPZOQk7RpeuCJL /3t3RQaaOH/a5GN7lcDlqrG7/aGJHk4VvmdFj9f5rHgXVb4kJG2OHqO0XAg58nR4gkDW LZOg==

Archived-at: <https://zsh.org/users/30667>

In-reply-to: <ago58SUfy7JQ6Lr3@localhost>

List-id: <zsh-users.zsh.org>

References: <CH3PR20MB6243CF33C4C80323E534808CF6022@CH3PR20MB6243.namprd20.prod.outlook.com> <CH3PR20MB62431346F97C1E1BB2F403E4F6022@CH3PR20MB6243.namprd20.prod.outlook.com> <ago58SUfy7JQ6Lr3@localhost>

I've got to work on my examples 🤦🏼‍♀️

On Sun, May 17, 2026, 2:55 PM Dominik Vogt <dominik.vogt@xxxxxx> wrote:

On Sun, May 17, 2026 at 08:41:01PM +0000, Jessica Mulein wrote:
> I developed a thing called ?SDI? or "Secure Semantic Data
> Injection? and added it to BSH.

The example command from the web site

$ printf '{"username":"alice","password":"s3cr3t","ttl":300}' | ...

puts a plain text copy of the user's password in the zsh history
file which is possibly world readable.

Ciao

Dominik ^_^ ^_^

--

Dominik Vogt

Reverse Date

Date

Thread

Author