[Python-Dev] getpass and stdin
Leif Walsh
adlaiff6 at gmail.com
Tue Feb 26 19:13:14 CET 2008
On Tue, Feb 26, 2008 at 12:43 PM, Shaya Potter <spotter at cs.columbia.edu> wrote:
> the -p <PASSWD> option is not good on multi user systems
> the -p <PASSFILE> option is not particularly good on NFS based systems
> (have to trust every user on every machine with access to NFS share)
You seem somehow both worried about security, yet too lazy to type in
your password. I think at some point, one of those concerns is going
to have to give.
> and now, assuming what you say is part of the design behind the code
>
> what's the point of this part of the code
>
>
> >> try:
> >> fd = sys.stdin.fileno()
> >> except:
> >> return default_getpass(prompt)
> >>
>
> i.e. the exception handler, default_getpass() is always going to read
> from stdin at the end of the day.
>
> line = sys.stdin.readline()
>
> I'm assuming I'm missing something
Sorry, I only know my way around the libc version of getpass(), not
the python one. In that version, typically we try to open /dev/tty
for reading, and if that fails, we fall back to stdin. I presume
that's what's going on here, but the first line appears to be getting
stdin anyway, so I'm no longer sure. That said, why don't you just
use default_getpass() in your code, if it reads from stdin to begin
with?
--
Cheers,
Leif
More information about the Python-Dev
mailing list