monotone-devel

Re: [Monotone-devel] passphrase option


From: Jon Bright
Subject: Re: [Monotone-devel] passphrase option
Date: Thu, 12 Aug 2004 11:11:34 +0200
User-agent: Mozilla Thunderbird 0.6 (Windows/20040502)

Richard Levitte - VMS Whacker wrote:

> I think both are terrible ideas from a security point of view.
> Looking at the bugs page, I found an entry about adding something
> similar to ssh-agent, something I like a bit better.  Could that be
> something to look more closely at?
>
> (why --passphrase would be bad?  Think 'ps auxwwwww'...)

I also don't like the --passphrase idea, but in fairness, it wouldn't be too tricky for monotone to copy over its argv[0] to remove the passphrase. cron does this, sendmail does it, so there's not much to stop monotone doing it.

wrt. the LUA passphrase hook, I wouldn't necessarily want to use it myself, but I don't think of it as a risk per se. Even if ssh-agent (or similar) support were added, I think there's a fair argument for leaving the hook there.

--
Jon Bright
Silicon Circus Ltd.
http://www.siliconcircus.com
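
The argv-overwriting idea discussed in this message, as an added example that is not part of the original post and is not monotone code. The function name `take_and_scrub_passphrase` is hypothetical; the sketch assumes a Linux-style system where `ps` reads the command line from the process's own argv memory. The passphrase is still visible between process start and the overwrite, so this narrows the exposure rather than removing it.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: find "--passphrase VALUE" or "--passphrase=VALUE",
 * return a heap copy of VALUE, and overwrite the original bytes in place so
 * a later `ps` no longer shows them. Returns NULL if the option is absent
 * or has no value. The caller frees the returned copy. */
char *take_and_scrub_passphrase(int argc, char **argv)
{
    static const char opt[] = "--passphrase";
    const size_t optlen = sizeof(opt) - 1;

    for (int i = 1; i < argc; i++) {
        char *value = NULL;

        if (strcmp(argv[i], "--") == 0)
            break;                            /* end of options */
        if (strncmp(argv[i], opt, optlen) != 0)
            continue;
        if (argv[i][optlen] == '=')
            value = argv[i] + optlen + 1;     /* --passphrase=VALUE */
        else if (argv[i][optlen] == '\0' && i + 1 < argc)
            value = argv[i + 1];              /* --passphrase VALUE */
        if (value == NULL)
            continue;   /* a longer option name, or the value is missing */

        size_t len = strlen(value);
        char *copy = malloc(len + 1);
        if (copy == NULL)
            return NULL;
        memcpy(copy, value, len + 1);
        /* Same length, terminating NUL untouched: the argv layout stays
         * valid and only the secret bytes change. */
        memset(value, 'x', len);
        return copy;
    }
    return NULL;
}

int main(int argc, char **argv)
{
    char *pass = take_and_scrub_passphrase(argc, argv);
    printf("passphrase %s\n", pass ? "captured" : "not given");
    for (int i = 0; i < argc; i++)
        printf("argv[%d] = %s\n", i, argv[i]);  /* what ps would show now */
    free(pass);
    return 0;
}
```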



