Re: [PATCH] svn_load_dirs.pl: do not print password to screen

From: Branko Čibej <brane_at_apache.org>
Date: Sun, 14 Jul 2019 09:52:17 +0200

On 14.07.2019 09:47, Geoffrey Alary wrote:
> Hi Daniel,
>
>>> CC: both of the most recent and biggest contributors to this file.
>> In principle, same answer as in the other thread (ENOTIME unless it's a
>> regression I signed off on); but…
> Ok noted. Thank you for your replies.
>
>>> It implements a security feature: to hide the password when printing
>>> the command line to screen.
>> I suggest to add a warning to usage() that passing the password in
>> a command-line argument may make it visible to other local OS users.
> Do you mean that showing a warning message would be preferable to
> actually fixing the problem? If yes, why would that be?

On Unix, the 'ps' command can show the entire command line to other
users, so this consideration is independent of what svn_load_dirs.pl is
doing.

-- Brane
Received on 2019-07-14 09:52:28 CEST

This message: [ Message body ]
Next message: Daniel Shahaf: "Re: [PATCH] svn_load_dirs.pl: do not print password to screen"
Previous message: Geoffrey Alary: "Re: [PATCH] svn_load_dirs.pl: do not print password to screen"
In reply to: Geoffrey Alary: "Re: [PATCH] svn_load_dirs.pl: do not print password to screen"
Next in thread: Geoffrey Alary: "Re: [PATCH] svn_load_dirs.pl: do not print password to screen"
Reply: Geoffrey Alary: "Re: [PATCH] svn_load_dirs.pl: do not print password to screen"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]