Re: [dev] [ii] exposed password on process monitoring

From: Edgaras <devoas_AT_gmail.com>
Date: Wed, 13 Jun 2012 16:25:14 +0300

I was thinking about password handling for such programs as ii, jj, ji and how
to not store it anywhere, except maybe in program itself in case of needed
reconnect. So I was playing a little with ji and it reads pw from stdin like "ji
-j jid_AT_sev < pw_file". Also recently I was reading about terminal options, and
stty command, after thinkgin about for a while I have come up to something like:

stty -echo; cat | ji -j jid_AT_server ; stty echo; fg

Though it is not fully refined, and since I failed to connect to gtalk, thus did
not have any usage of ji yet, the idea seems promising. Disable echo so that
noone could peek over shoulder, enter pw, press ctrl-d couple of times and pass
it to the client, then enable echo again in case it is needed. So mabe such
solution could work with ii too. Or maybe im missing something and pw still
could be seen somehow even when using this way?
Received on Wed Jun 13 2012 - 15:25:14 CEST

This archive was generated by hypermail 2.3.0 : Wed Jun 13 2012 - 15:36:03 CEST