On Fri, Jan 29, 2016 at 3:16 PM Dashamir Hoxha <[email protected]> wrote:
> On Fri, Jan 29, 2016 at 11:16 AM, Kevin Lyda <[email protected]> wrote: > >> I have no idea why you want to do this since your shell already has >> completion. Not sure of the win here. >> > I want to ask user for the passphrase only once, save it in a variable, > I'll admit it, I lied. I guessed you were going to do something like that. Just so I can sleep at night with a clean conscience, you're aware that is a horribly bad idea to do, yes? There's a good chance your password could end up in a swap file or in a core file. A root user can just do "ps auxwwe". And I assume you're passing that password in via the command line so a well timed ps by *any* user will get your password. And generally all these issues are why symmetric encryption is a terrible idea for this. I get that you really want to do it. Just... it's a bad idea. Kevin
_______________________________________________ Password-Store mailing list [email protected] http://lists.zx2c4.com/mailman/listinfo/password-store
