Hello Michael! On Sat, 27. Sep 2008, 20:44:33 -0500, Michael Witten wrote: > Is it dangerous to provide an option such as > --password?
On multiuser systems: yes, because everyone else can look at your command line, e.g. via ps or /proc/<pid>/cmdline. > Is it reasonable to use stdin? Msmtp reads the mail from stdin, and it currently refuses to read a password from stdin. > Why are so many people willing to write their > passwords in config files? I guess because there are few alternatives. The best thing to do is to store all of the passwords in a key ring that encrypts and manages them. When an application needs a password, it asks the key ring, which then prompts the user for the master password to the key database (if it has not already done so). Unfortunately, key rings are not standardized and depend on the user's desktop environment. Msmtp currently supports the Mac OS X and GNOME key rings, but it would be nice to support more. Does someone know of an abstraction layer for all the different key rings that portable applications can easily use? Regards, Martin ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ msmtp-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/msmtp-users
