Am 29.04.2014 16:57, schrieb Alfredo Pironti: > > Letting software run on unexpected data (the case where the user invokes > the additional command on unformatted data) can have bad consequences. > Sure one can try to implement conservative checks to gracefully fail, but > they increase > complexity and sometimes one just misses such checks. Since this is > software running on sensitive data, taking the conservative approach > (of not parsing user data at all) seems safer, although functionality may > be hindered a bit.
Just to see, if I understand your point: If pass itself does not enforce a format per se, but offers some subcommand that expect a certain format, things may go wrong. So for the fields example, there may be someone, who (by chance) has a password that starts with 'User:' which now gets output though it should not. If this is your point, doesn't the problem exist anyway? It can happen the same, even if the command is not part of pass but external (or a shell pipeline ...). The only reasonable thing here would be to have educated users who 'know what they are doing' (i.e. for the example above see the problem and change the pwd accordingly). - René _______________________________________________ Password-Store mailing list [email protected] http://lists.zx2c4.com/mailman/listinfo/password-store
