Again reply to the list too :)
GUIs which change buttons etc. depending on whatever they like are bad...
On 07/08/14 08:02, Martin Furter wrote:
On 07/08/14 03:33, Ben Reser wrote:
On 7/6/14 5:16 AM, Martin Furter wrote:
Attached is a log message and a patch which adds the new options '--password-file' and '--password-envvar'. It also adds Julian's warning to the '--password' help text.
I veto (-1) --password-envvar (and Peter's follow-up suggestion of a hard-coded environment variable). As several other people have shown, the environment of a running program is often just as available as the command line arguments. The whole point of this exercise is to improve the security of the manner in which we allow passwords to be provided, in order to guide users to make good choices. We're not achieving anything if we only provide them with new insecure choices.
On Linux I see only the environment of my own processes. On OpenBSD I
see only HOME and PATH for other users. So envvar seems to not be less
secure than a password file.
If you really want to improve security the only option is using stdin.
I had a patch for that ready. But then people started wishing other
things so I just implemented without thinking too much :)
- Martin
Allow the password to be supplied through stdin.
* subversion/svn/svn.c
  (sub_main): Read the password from stdin when '-' is specified. Disallow multiple use of '-' for the options --password and -F.
Index: subversion/svn/svn.c
===================================================================
--- subversion/svn/svn.c (revision 1607783)
+++ subversion/svn/svn.c (working copy)
@@ -2018,9 +2018,16 @@
* later (if it's a log/lock message or an svn:* prop value),
* according to the value of the '--encoding' option. */
SVN_ERR(svn_utf_cstring_to_utf8(&utf8_opt_arg, opt_arg, pool));
+ if (strcmp(utf8_opt_arg, "-") == 0)
+ {
+ if (reading_file_from_stdin)
+ return svn_error_create(SVN_ERR_CL_ARG_PARSING_ERROR, NULL,
+ _("stdin ('-') must not be specified "
+ "more than once"));
+ reading_file_from_stdin = TRUE;
+ }
SVN_ERR(svn_stringbuf_from_file2(&(opt_state.filedata),
utf8_opt_arg, pool));
- reading_file_from_stdin = (strcmp(utf8_opt_arg, "-") == 0);
dash_F_arg = utf8_opt_arg;
break;
case opt_targets:
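Review bot: with the removed line `reading_file_from_stdin = (strcmp(utf8_opt_arg, "-") == 0);` gone, the flag is only ever set to TRUE and never cleared, so `-F - -F file` leaves `reading_file_from_stdin` TRUE while `dash_F_arg` points at `file`; if "stdin may be consumed at most once" is the intended semantics that is fine but deserves a comment, otherwise reset the flag on the non-'-' path. The same three-line check is repeated verbatim in the --password case below, so a small helper that claims stdin and returns the SVN_ERR_CL_ARG_PARSING_ERROR would keep both paths and messages identical.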
@@ -2094,8 +2101,24 @@
opt_arg, pool));
break;
case opt_auth_password:
- SVN_ERR(svn_utf_cstring_to_utf8(&opt_state.auth_password,
- opt_arg, pool));
+ SVN_ERR(svn_utf_cstring_to_utf8(&utf8_opt_arg, opt_arg, pool));
+ if (strcmp(utf8_opt_arg, "-") == 0)
+ {
+ svn_stringbuf_t *buffer, *buffer_utf8;
+
+ if (reading_file_from_stdin)
+ return svn_error_create(SVN_ERR_CL_ARG_PARSING_ERROR, NULL,
+ _("stdin ('-') must not be specified "
+ "more than once"));
+ reading_file_from_stdin = TRUE;
+ SVN_ERR(svn_stringbuf_from_file2(&buffer, utf8_opt_arg, pool));
+ SVN_ERR(svn_utf_stringbuf_to_utf8(&buffer_utf8, buffer, pool));
+ opt_state.auth_password = buffer_utf8->data;
+ }
+ else
+ {
+ opt_state.auth_password = utf8_opt_arg;
+ }
break;
case opt_encoding:
opt_state.encoding = apr_pstrdup(pool, opt_arg);
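Review bot: the '-' branch assigns `buffer_utf8->data` exactly as read, so a password piped in with `echo secret | svn ... --password -` arrives with a trailing newline and will fail authentication; strip a single trailing LF (and a preceding CR) from the buffer before assigning it, or document that callers must use `printf '%s'`/`echo -n`. Note also that svn_stringbuf_from_file2 on "-" reads stdin to EOF, so an interactive user must terminate the password with EOF rather than Enter, which the help text should say.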
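The thread argues that stdin is the only channel that keeps a password out of both the command line and the process environment. As an added example, not Subversion code and not the patch above, the following C shows how a CLI can accept `--password -` while (a) allowing stdin to be claimed only once, shared with any other option such as `-F -`, (b) stripping the trailing newline a shell pipe adds, and (c) wiping the buffer afterwards. The function names `resolve_password_option`, `read_all`, `strip_trailing_newline` and `wipe_password` are hypothetical; the sample input is constructed inline with `fmemopen`.

```c
/* Added example (not Subversion code): a stdin-backed --password option.
 * Assumptions: POSIX fmemopen/strdup are available (Linux, *BSD, macOS). */
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Read an entire stream into a NUL-terminated heap buffer. Returns NULL on
 * allocation or read failure. Caller owns the buffer. */
static char *read_all(FILE *in, size_t *len_out)
{
    size_t cap = 256, len = 0;
    char *buf = malloc(cap);
    if (!buf)
        return NULL;
    for (;;) {
        if (len + 1 >= cap) {
            char *nb = realloc(buf, cap * 2);
            if (!nb) { free(buf); return NULL; }
            buf = nb;
            cap *= 2;
        }
        size_t got = fread(buf + len, 1, cap - len - 1, in);
        len += got;
        if (got == 0)
            break;
    }
    if (ferror(in)) { free(buf); return NULL; }
    buf[len] = '\0';
    *len_out = len;
    return buf;
}

/* Remove one trailing "\n" or "\r\n": `echo secret | prog --password -`
 * would otherwise deliver "secret\n" as the password. */
static void strip_trailing_newline(char *s)
{
    size_t n = strlen(s);
    if (n && s[n - 1] == '\n') s[--n] = '\0';
    if (n && s[n - 1] == '\r') s[--n] = '\0';
}

/* Resolve a --password argument. *stdin_in_use is shared with every other
 * option that may read stdin (e.g. -F -) so "-" is honoured at most once.
 * Returns 0 on success, -1 if stdin was already claimed, -2 on read error. */
int resolve_password_option(const char *opt_arg, FILE *in,
                            int *stdin_in_use, char **password_out)
{
    if (strcmp(opt_arg, "-") != 0) {
        /* Literal password: still visible in argv to `ps`; "-" exists to avoid this. */
        *password_out = strdup(opt_arg);
        return *password_out ? 0 : -2;
    }
    if (*stdin_in_use)
        return -1;                      /* "stdin ('-') must not be specified more than once" */
    *stdin_in_use = 1;
    size_t n;
    char *buf = read_all(in, &n);
    if (!buf)
        return -2;
    strip_trailing_newline(buf);
    *password_out = buf;
    return 0;
}

/* Overwrite the password before freeing so it does not linger on the heap.
 * The volatile pointer keeps the compiler from eliding the stores. */
void wipe_password(char *p)
{
    if (!p) return;
    volatile char *v = p;
    while (*v) *v++ = 0;
    free(p);
}

/* Stand-alone usage: printf 's3cret\n' | ./prog */
int main(void)
{
    int stdin_used = 0;
    char *pw = NULL;
    int rc = resolve_password_option("-", stdin, &stdin_used, &pw);
    if (rc != 0) { fprintf(stderr, "password: error %d\n", rc); return 1; }
    printf("read %zu password bytes from stdin\n", strlen(pw));
    wipe_password(pw);
    return 0;
}
```

Because the flag is shared across options, a second `-`, whether from `--password -` or `-F -`, is rejected before any read happens, which mirrors the check the patch makes in both option cases.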