[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: How to safely print a variable with secret value to stdout?
From: |
Greg Wooledge |
Subject: |
Re: How to safely print a variable with secret value to stdout? |
Date: |
Wed, 11 May 2022 21:25:23 -0400 |
On Thu, May 12, 2022 at 02:36:20AM +0200, Philippe Cerfon wrote:
> printf '%s' "$secret" | foo --password-from-stdin
>
> should be safe and not show up in the process list or so.
>
> The problem is that the code might be run on shells where this isn't
> guaranteed
You control the shell with the shebang. If you use #!/bin/bash or
whatever shebang is appropriate to invoke bash on the target system,
then you know you're using a builtin printf.
That said,
https://mywiki.wooledge.org/BashFAQ/069