12021/05/01 03:29.51 ನಲ್ಲಿ, Patrik Keller <[email protected]> ಬರೆದರು: > Dear all, > > it's probably no news for you, but running `pass edit secret` might leak > information to persistent storage if `$EDITOR` is not configured > properly. I got hit by this after switching from vim to neovim. The > latter defaults to storing swap, undo, and backup files in the user's > home directory [0]. > > My personal thoughts on this are: > 1. Neovim should not have changed the default. > 2. `pass edit` should warn about the potential leakage. > 3. I want to set the password editor independent of `$EDITOR`. > > I could imagine the following workflow for `pass edit`: > 1. Prefer `$PASS_EDITOR` over `$EDITOR` over `vi`. > 2. If `$PASS_EDITOR` is not set print a warning about the potential > leakage and ask for confirmation. > 3. Proceed as before. > > Do you know a better solution? Maybe one that works w/o changing pass? > > Best > Patrik > > 0: https://github.com/neovim/neovim/issues/4481
The pass extension tail-edit opens up everything except for the first line (which is assumed to contain the password) and then prepends the password before saving to the password store: https://github.com/palortoff/pass-extension-tail HTH! - Chiraag -- ಚಿರಾಗ್ ನಟರಾಜ್ Pronouns: he/him/his
publickey - [email protected] - b0c8d720.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature
