On 7/26/23 17:32, Pádraig Brady wrote:
> On 26/07/2023 15:55, Dröge, Lars wrote:
>> Dear coreutils developers,
>>
>> I have read many tutorials, where a secret is written to a file, which
>> is protected afterwards, like this:
>>
>> ```
>> generate_secret > keyfile
>> chmod 0600 keyfile
>> ```
>>
>> I hope that the following approach would have been intuitive and more
>> secure, as the keyfile was never readable:
>>
>> ```
>> generate_secret | install -x -m 0600 keyfile
>> ```
>>
>> where "-x" would indicate, that stdin shall be used as source. Please
>> take "x" as a placeholder; any letter works for me.
The traditional filename that's a synonym for stdin is "-".
>> Do you like the idea to support stdin?
>>
>> Best regards,
>> Lars
>
> Well /dev/stdin works for this. I.e. this works:
>
> echo secret | install -m 0600 /dev/stdin keyfile
Presumably also install -m 0600 <(generate_secret) keyfile
Rob
