Resending my reply to the list too...
On 07/06/14 20:39, Martin Furter wrote:
On 07/06/14 20:09, Bert Huijben wrote:
I'm not sure if the envvar option is really any safer than the argument
option, if the command line is really read from the environment block on
these platforms. As such I don't think having a command option for that
really helps.
I don't know a command which shows the environment of a process as nice
as 'ps' shows the process arguments.
But on linux the environment is readable by the owner of the process
through /proc/$PID/environ as the following commandline shows:
$ PASSWORD=secret123 sh -c "tr '\\0' '\\n' < /proc/\$\$/environ" |
grep PASSWORD
For the file solution it might be more useful to use both username and
password from that file.
I guess the option should be named different then, maybe something like
--auth-file or --creds-file or so.
- Martin
