[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [msmtp-users] Password parameters patch



> Yes, this is possible to some extent, but I'm not sure if we can really
> remove all traces of the original command line from the system
> records

Records (accounting, logs or otherwise) wouldn't be of much
concern, as those are usually restricted to uid 0 or the user
themselves, both presumably trusted and intact. If not, all
bets are off.

> and as you said there will be a race condition.

I don't know anything about arg rewriting, but it seemed racy.

Guess not much left but --passwordeval="cat passfile".

Or an ssh/gpg agent-alike infrastructure for those who
don't want the password stored on disk.

It could be something like passwordeval socat to
domain socket daemon run by the user.

Even this might work and be safe from other uid's too...
export myenvpassX=$(<<EOF
12345
EOF)
msmtp --passwordeval="echo $myenvpassX"
where X is an index if you have more than one account
or calling program to deal with.

Maybe a shared/ipc memory segment with shm tools.