duplicity-talk
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Duplicity-talk] duply shows sensitive data in process listing

From: Kenneth Loafman
Subject: Re: [Duplicity-talk] duply shows sensitive data in process listing
Date: Tue, 05 Jan 2010 13:52:36 -0600
User-agent: Thunderbird 2.0.0.23 (X11/20090817) 
Yes to both.  I'm thinking something like URL_PASSWORD/URL_USERNAME
could be used, but we'd be better off doing away with environment vars
anyway, and use something like a .duplicity_rc file for the defaults and
credentials.

...Ken

address@hidden wrote:
> I will modify duply accordingly. Still:
> 
> a) Wouldn't it make sense to do the same for the username?
> b) Also, shouldn't the FTP_PASSWORD be made deprecated and a env var
> called URL_PASSWORD or BACKEND_PASSWORD be introduced if the variable
> works for all backends?
> 
> .. ede
> 
> 
> On 04.01.2010 13:17, Kenneth Loafman wrote:
>> address@hidden wrote:
>>> But what about the others? .. ede
>>
>> All of the protocols except S3 should take the password from the
>> environment variable FTP_PASSWORD, however, if the user specifies it in
>> the URL, I don't know a way to obscure it from ps and friends.
>>
>> ...Ken
>>
>>
>>
>>
>> _______________________________________________
>> Duplicity-talk mailing list
>> address@hidden
>> http://lists.nongnu.org/mailman/listinfo/duplicity-talk
> 
> 
> _______________________________________________
> Duplicity-talk mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/duplicity-talk
>

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]