You get those for free with the "somecommand <(pass ...)" sytnax - output from pass is piped into a FIFO and the name of the FIFO is passed to the program. Permissions in the FIFO should also be very tight. The thing is, that doesn't help with programs expecting the password as an argument. But in that case, the real problem lies with these programs, as this is inherently insecure.
Am 29.08.2017 um 07:08 schrieb Martin Weis: > Am 29.08.2017 um 00:03 schrieb Radon Rosborough: >> Is there an alternative, then? What would you recommend, for running a >> command that takes a password? > > You could have a (temporary) credentials file (enforce: with minimum > file permissions set). It depends on the program if there is an option > for it and how that needs to look like. > > > > > _______________________________________________ > Password-Store mailing list > [email protected] > https://lists.zx2c4.com/mailman/listinfo/password-store >
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Password-Store mailing list [email protected] https://lists.zx2c4.com/mailman/listinfo/password-store
