stupidcomputer
/
pash
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

pash: Use a heredoc instead of printf

This commit is contained in:
Dylan Araps 2019-11-30 11:27:03 +00:00
parent 7b3be8069c
commit 638a011f2a
No known key found for this signature in database
GPG Key ID: 46D62DD9F1DE636E
1 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
pash
View File

@ -39,8 +39,17 @@ pw_add() {
fi fi
# Use 'gpg' to store the password in an encrypted file. # Use 'gpg' to store the password in an encrypted file.
printf %s "$pass" | "$gpg" "$@" -o "$name.gpg" && # A heredoc is used here instead of a 'printf' to avoid
printf '%s\n' "Saved '$name' to the store." # leaking the password through the '/proc' filesystem.
#
# Heredocs are sometimes implemented via temporary files,
# however this is typically done using 'mkstemp()' which
# is more secure than '/proc'.
"$gpg" "$@" -o "$name.gpg" <<-EOF
$pass
EOF
[ $# = 0 ] && printf '%s\n' "Saved '$name' to the store."
} }
pw_del() { pw_del() {