Date: Fri, 4 Aug 2000 11:50:18 -0700 From: "David O'Brien" <obrien@FreeBSD.ORG> To: Dag-Erling Smorgrav <des@flood.ping.uio.no> Cc: current@FreeBSD.ORG Subject: Re: Loss of fetch(1) functionality with libfetch Message-ID: <20000804115018.B23995@dragon.nuxi.com> In-Reply-To: <xzpog3asi0m.fsf@flood.ping.uio.no>; from des@flood.ping.uio.no on Thu, Aug 03, 2000 at 01:26:01PM %2B0200 References: <00Aug3.142942est.115260@border.alcanet.com.au> <xzpog3asi0m.fsf@flood.ping.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Aug 03, 2000 at 01:26:01PM +0200, Dag-Erling Smorgrav wrote:
> Peter Jeremy <peter.jeremy@alcatel.com.au> writes:
> > Whilst the environment is somewhat safer than the command line, I'd
> > still prefer not to have passwords embedded in environment variables.
>
> Since ps(1) no longer allows users to view other users' processes'
> environment, I don't think it's a very big issue anymore.
POLA says you should not have changed what fetch(1) expects from the
environmental var.
> > Has this feature been deliberately left out, or is it just one of the
> > bits that you haven't gotten around to implementing yet? Would you
> > be interested in patches to implement it?
>
> Sure. The only clean way of doing this (that I can think of) would be
> to add an interface to libfetch for registering password-prompting
> callbacks.
Then it should have been added -- especially before being MFC'ed.
--
-- David (obrien@FreeBSD.org)
Disclaimer: Not speaking for FreeBSD, just expressing my own opinion.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000804115018.B23995>