From: Andreas Ericsson <ae@op5.se>
To: Johannes Schindelin <Johannes.Schindelin@gmx.de>
Cc: Jeff King <peff@peff.net>, Mike Hommey <mh@glandium.org>,
Junio C Hamano <gitster@pobox.com>,
jean.guyader@linkea.org, git@vger.kernel.org,
Jean Guyader <jean.guyader@gmail.com>
Subject: Re: [PATCH] Fix problem with authentification on http repository.
Date: Thu, 10 Jul 2008 13:30:47 +0200 [thread overview]
Message-ID: <4875F2E7.1010209@op5.se> (raw)
In-Reply-To: <alpine.DEB.1.00.0807101248360.3135@eeepc-johanness>
Johannes Schindelin wrote:
> Hi,
>
> On Thu, 10 Jul 2008, Jeff King wrote:
>
>> On Wed, Jul 09, 2008 at 01:43:07PM +0200, Johannes Schindelin wrote:
>>
>>>> Note that http://user:pass@server/path/ /should/ work (but that
>>>> would need validation), though not a good idea on command line.
>>> Well, now that the programs using URLs are all builtins, we can
>>> actually do something about it. We can edit out the "user[:pass]@"
>>> part out of argv, which usually means that "ps" will not see it
>>> anymore.
>> Wouldn't there still be a race condition for publicly broadcasting your
>> password via ps?
>
> Yes. For a brief amount of time, but yes.
>
> BTW I thought I remembered one program xxx'ing out the password via argv,
> but unfortunately I do not remember which one it was.
>
The mysql client does (or did) it, although perhaps only on systems that
support it.
--
Andreas Ericsson andreas.ericsson@op5.se
OP5 AB www.op5.se
Tel: +46 8-230225 Fax: +46 8-230231
prev parent reply other threads:[~2008-07-10 11:32 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-09-29 22:26 [PATCH] Fix problem with authentification on http repository jean.guyader
2007-09-29 23:10 ` Johannes Schindelin
2007-09-29 23:38 ` Junio C Hamano
2007-09-29 23:40 ` Johannes Schindelin
2007-09-30 0:02 ` Junio C Hamano
2008-07-09 5:44 ` Junio C Hamano
2008-07-09 5:51 ` Mike Hommey
2008-07-09 6:28 ` Junio C Hamano
2008-07-09 7:53 ` Mike Hommey
2008-07-09 8:04 ` Daniel Stenberg
2008-07-09 8:18 ` Junio C Hamano
2008-07-09 8:56 ` Mike Hommey
2008-07-09 11:43 ` Johannes Schindelin
2008-07-10 7:24 ` Jeff King
2008-07-10 7:32 ` Junio C Hamano
2008-07-10 8:47 ` Jeff King
2008-07-10 10:51 ` Johannes Schindelin
2008-07-10 11:30 ` Andreas Ericsson [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4875F2E7.1010209@op5.se \
--to=ae@op5.se \
--cc=Johannes.Schindelin@gmx.de \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=jean.guyader@gmail.com \
--cc=jean.guyader@linkea.org \
--cc=mh@glandium.org \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.