> From: lei yang <yanglei.f...@gmail.com>
> git config --global sendemail.smtppass  xxxx this will display
> password in .git config
> can we avoid this ?

The value is in a configuration file which the user can read.  If you
modify the git code, you can prevent "git config" from printing it,
but you can't stop the user from looking in the file.

You might be able to configure Git to use a user-specified program to
send e-mail.  In that case, you can write a setuid program (that knows
the SMTP password internally) to do the SMTP, and tell Git to use the
setuid program (whose executable the user cannot read).



Reply via email to