[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [msmtp-users] Password parameters patch

To: msmtp-users@lists.sourceforge.net
Subject: Re: [msmtp-users] Password parameters patch
From: grarpamp <grarpamp@...20...>
Date: Tue, 3 Jul 2012 02:08:35 -0400
In-reply-to: <20120703065911.657fe50e@...292...>
List-archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=msmtp-users>
List-help: <mailto:msmtp-users-request@lists.sourceforge.net?subject=help>
List-id: "General discussion, questions & answers" <msmtp-users.lists.sourceforge.net>
List-post: <mailto:msmtp-users@lists.sourceforge.net>
List-subscribe: <https://lists.sourceforge.net/lists/listinfo/msmtp-users>, <mailto:msmtp-users-request@lists.sourceforge.net?subject=subscribe>
List-unsubscribe: <https://lists.sourceforge.net/lists/listinfo/msmtp-users>, <mailto:msmtp-users-request@lists.sourceforge.net?subject=unsubscribe>
References: <20120702140823.GB995@...20...> <20120702184208.27471786@...292...> <20120702184122.GA29859@...20...> <CAD2Ti2_MDLAJ+n5vpjCTkcPAJvJ9Hx-a+xHNMYPuw6jfwp9wuA@...26...> <20120703065911.657fe50e@...292...>

> Yes, this is possible to some extent, but I'm not sure if we can really
> remove all traces of the original command line from the system
> records

Records (accounting, logs or otherwise) wouldn't be of much
concern, as those are usually restricted to uid 0 or the user
themselves, both presumably trusted and intact. If not, all
bets are off.

> and as you said there will be a race condition.

I don't know anything about arg rewriting, but it seemed racy.

Guess not much left but --passwordeval="cat passfile".

Or an ssh/gpg agent-alike infrastructure for those who
don't want the password stored on disk.

It could be something like passwordeval socat to
domain socket daemon run by the user.

Even this might work and be safe from other uid's too...
export myenvpassX=$(<<EOF
12345
EOF)
msmtp --passwordeval="echo $myenvpassX"
where X is an index if you have more than one account
or calling program to deal with.

Maybe a shared/ipc memory segment with shm tools.

References:
- [msmtp-users] Password parameters patch
  - From: Ambrevar <ambrevar@...20...>
- Re: [msmtp-users] Password parameters patch
  - From: Martin Lambers <marlam@...23...>
- Re: [msmtp-users] Password parameters patch
  - From: Ambrevar <ambrevar@...20...>
- Re: [msmtp-users] Password parameters patch
  - From: grarpamp <grarpamp@...20...>
- Re: [msmtp-users] Password parameters patch
  - From: Martin Lambers <marlam@...23...>

Prev by Date: Re: [msmtp-users] patch to ignore comments, and broken build
Next by Date: Re: [msmtp-users] Password parameters patch
Previous by thread: Re: [msmtp-users] Password parameters patch
Next by thread: Re: [msmtp-users] Password parameters patch
Index(es):
- Date
- Thread