Hi Thorsten, Le 03/10/2016 à 19:30, Thorsten Wißmann a écrit : >> > Does GPG web of trust sure enough, to allow co-signing script to enable >> > such signed plugins? > I don't understand your question. But are you asking how my patch could > be extended to call only 'signed' extensions?
It was, yes. I also mention the "web of trust" behavior of GPG, which nice but complicated, just to see if some reader are involved in such reflexion… ;-) > If some bad guy has write access to some directory in $PATH and wants to > take over your password store, then the bad guy can simply add a > malicious `pass` executable and the user would not notice. Pass itself could be signed. By the user at init. I was more thinking, about installing malicious plugin, not having malicious inside your computer. I don't think than a password manager can be used on a share system, with shared memory or process… It is only designed to work on a personal computer. (I never though about that before but…) > I.e. I don't think `pass` should do something like signing of program > code. It's some separate problem to check if the programs in your $PATH > are trustworthy or not. I see your point, you may be right. I just emailed the reference about signing plugins to let you know. Not tested your plugin yet… I like the logic like git or rvm. Regards, Sylvain. -- Sylvain Viart - DevOps système linux - freelance developer
_______________________________________________ Password-Store mailing list [email protected] http://lists.zx2c4.com/mailman/listinfo/password-store
