Comment 13 for bug 504423
Revision history for this message
| edso (ed.so) wrote Re: [Duplicity-team] [Bug 504423] Re: duplicity shows sensitive data in process listing | #13 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
73416ba
(Get the code!)
On 08.06.2012 14:45, Eugene Crosser wrote:
> No, if it's empty duplicity will prompt for it. Which is exactly the
> problem that needs fixing.
>
actually this would need a different bug report as it is not covered by "duplicity shows sensitive data in process listing"
also i am not sure this is worth the trouble as setting an env var is essentially as safe as using .netrc on most platforms providing the script/crontab where it's set in has correct files system permissions to be protected.
a. could you open a new bug please?
b. suggest in the new topic a way to solve this from your point of view? keep in mind that duplicity is supposed to be usable interactively as well (restoring on a new machine etc.), so the password prompt generally makes sense. how about checking for existence of FTP_PASSWORD and prompt if it's not defined?
..ede/duply.net