> > > > It implements a security feature: to hide the password when printing
> > > > the command line to screen.
> > >
> > > I suggest to add a warning to usage() that passing the password in
> > > a command-line argument may make it visible to other local OS users.
> > Do you mean that showing a warning message would be preferable to
> > actually fixing the problem?
> No. I think the warning and the asterisking are independent changes;
> I suppose we should make both of them.
This is the second version of the patch, including the suggestion from
Do not print password to screen in svn_load_dirs.pl.
(sanitize_pwd): New function.
(safe_read_from_pipe, read_from_process): Update the sites printing
the command line to screen to use sanitize_pwd.
(usage): Warn that other local OS users may be able to see the
password passed on the command-line.
Fix indentation; that is, replace the 2 tab occurrences by 8 spaces.
Received on 2019-07-14 14:23:31 CEST