On 28/09/08 11:44:33, Michael Witten wrote:
> I've noticed that many unix tools require that a user
> specify account passwords in config files.
>
> To me, this seems like a terrible idea, and indeed
> msmtp at least prompts for a password when it needs
> one.
>
> However, what if I don't want msmtp to prompt me? For
> instance, it seems reasonable to me that someone might
> like to create a higher-level program that uses msmtp
> to do the grunt work; in many cases, that higher-level
> program might like to manage the password in its own
> way.
>
> Sure it's possible that this higher-level program
> could provide that password via stdin, but that
> seems like a flaky endeavor.
>
> In short,
>
> Why are passwords dealt with in the way that
> they are?
>
> Is it dangerous to provide an option such as
> --password?
>
> Is it reasonable to use stdin?
>
> Why are so many people willing to write their
> passwords in config files?

The use of passwords (in contradistinction to the use of more secure methods of authentication) is largely a matter of the MX setup of one's ISP, and mere account-holders often have little say in the matter. For reasons that are not here germane, my ISP's MX server *requires* password authentication. I therefore *am obliged* to provide a password.

I include my password in my msmtp config file because my computer is physically isolated and behind a firewall, giving me both LAN and Internet security -- if my email password is compromised then, quite frankly, I have more important things to worry about than whether my email account will be used as a spambot.

However, having said that, I occasionally use msmtp in a script. In such cases I create a file for the nonce, give the file minimal permissions, add my ad hoc config parameters (including password) to it, then nuke it immediately it is no longer required. I prefer this to stdin because stdin will be converted into an argument when invoking msmtp -- since one of my scripts involves large mime attachments it means that the arguments to mime will be visible for a considerable time to anyone who runs ps.

In my opinion, a password en clair is less vulnerable in a short-lived file than as an argument to a relatively long-running instance of msmtp.

Robert Thorsby

To be or not to be. -- Shakespeare
To do is to be. -- Nietzsche
To be is to do. -- Sartre
Do be do be do. -- Sinatra
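
The short-lived, minimal-permission config file described in the reply above, sketched as an added example that is not part of the original thread. The function names, the `MSMTP_PASSWORD` variable and the host, user and address values are assumptions made for illustration; `-C` is msmtp's option for naming the configuration file.

```shell
#!/bin/sh
# Added example. Host, user and MSMTP_PASSWORD are constructed placeholders;
# the function names are hypothetical.

# make_msmtp_config HOST USER FROM -> prints path of a new owner-only config.
make_msmtp_config() {
    cfg=$(mktemp "${TMPDIR:-/tmp}/msmtprc.XXXXXX") || return 1
    chmod 600 "$cfg"    # mktemp already creates 0600; stated explicitly
    # The password reaches the file through a here-document, so it is never
    # part of any process's argument list (nothing for ps to show).
    cat >"$cfg" <<EOF
account adhoc
host $1
port 587
tls on
auth on
user $2
from $3
password $MSMTP_PASSWORD
account default : adhoc
EOF
    printf '%s\n' "$cfg"
}

# with_msmtp_config HOST USER FROM COMMAND [ARGS...]
# Runs COMMAND ARGS... <config-path>, then removes the file whatever happens.
with_msmtp_config() {
    cfg=$(make_msmtp_config "$1" "$2" "$3") || return 1
    shift 3
    trap 'rm -f "$cfg"' EXIT          # cleanup if the shell exits early
    trap 'exit 1' INT TERM            # signals fall through to the EXIT trap
    "$@" "$cfg" && status=0 || status=$?
    rm -f "$cfg"
    trap - EXIT INT TERM
    return "$status"
}

# Usage (message on stdin, recipients taken from its headers with -t);
# MSMTP_PASSWORD must already be set in the shell, e.g. with read -r:
#   with_msmtp_config smtp.example.org alice alice@example.org \
#       msmtp -t -C < message.eml
```

The file exists only for the lifetime of the wrapped command and is readable only by its owner while it does.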