[Python-Dev] getpass and stdin

[Shaya Potter]

Leif Walsh wrote:
> On Tue, Feb 26, 2008 at 12:43 PM, Shaya Potter <spotter at cs.columbia.edu> wrote:
>>  the -p <PASSWD> option is not good on multi user systems
>>  the -p <PASSFILE> option is not particularly good on NFS based systems
>>  (have to trust every user on every machine with access to NFS share)
> 
> You seem somehow both worried about security, yet too lazy to type in
> your password.  I think at some point, one of those concerns is going
> to have to give.

I want to run a program within a bash script, essentially daemonize a 
program that doesn't have a daemon mode.

#!/bin/sh

echo "What Is Your Passsword: "
stty_orig=`stty -g`
stty -echo
read -r PASSWORD
stty $stty_orig

TIMEOUT=600

while [ 1 ]
do
	echo $PASSWORD | program
	sleep $TIMEOUT
done

>>  and now, assuming what you say is part of the design behind the code
>>
>>  what's the point of this part of the code
>>
>>
>>   >>      try:
>>   >>          fd = sys.stdin.fileno()
>>   >>      except:
>>   >>          return default_getpass(prompt)
>>   >>
>>
>>  i.e. the exception handler, default_getpass() is always going to read
>>  from stdin at the end of the day.
>>
>>      line = sys.stdin.readline()
>>
>>  I'm assuming I'm missing something
> 
> Sorry, I only know my way around the libc version of getpass(), not
> the python one.  In that version, typically we try to open /dev/tty
> for reading, and if that fails, we fall back to stdin.  I presume
> that's what's going on here, but the first line appears to be getting
> stdin anyway, so I'm no longer sure.  That said, why don't you just
> use default_getpass() in your code, if it reads from stdin to begin
> with?

not my code, someone elses program, I can modify it, but that's a pain, 
was mostly wondering if it could be changed at the python level (or at 
least understand why python made the decision it did, sort of understand 
the eating stdin aspect)