Maciej W. Rozycki wrote:
On Wed, 25 Jul 2007, Matthew Woehlke wrote:
Read from stderr? I admit I've heard stderr is bi-directional but I can't say
I've ever seen it used to read input.
Well, `wget' can be used as a filter (and I did do so a couple of times
in some scripts in the past; I would be surprised if others did not), so
you better keep its standard input and output intact. You could try to
fopen(ttyname(fileno(stderr)), "r") or suchlike instead, but "stderr"
should just work. You may want to have a look at what `ssh' does for
example.
Well, I tried, and obviously reading from stderr is complicated (if even
do-able). Maybe you can improve the patch?
Well, chances are nobody could be bothered to fix your patch if you
submit it incorrectly formatted; I would certainly not if I were the
maintainer.
...which I would be a lot more inclined to do if I had any expectation
of the patch being accepted as-is, which I don't. I expect it to be used
as a reference (if it is even needed) to DTRT.
If Micah wants to ask for my help there, that's one thing. Otherwise I
fail to see how this conversation is worth anyone's time.
Which strikes me as odd, really, but I would guess not so many people use wget
for sites that need a password (I never did until recently), at least not on
non-private computers. I.e. if they do, they're ok with the existing security
risks.
You can store your password in the input file provided to `wget' so it
will be concealed from all the other users of the system apart from the
administrator. And if you do not trust your administrator, you are lost
anyway (they could log all your keystrokes if they wanted to), so why
bother?
There is a difference between trusting my coworkers and leaving a major
password sitting in plain text :-).
--
Matthew
Microsoft: Expect the unexpected
