Can the command line version of passwordmaker be modified to include the option of manually/interactively entering the master password?
I was really glad to find a command line version of PasswordMaker! When I went to use it I found that I had to enter the master password on the command line or store it in the rdf file. (If there is a way around this, then let me know and the rest of the post is moot.) I think storing your master password has been covered elsewhere in the forums. However, entering the master password on the command line presents a couple of security problems on multiuser systems.
1) If command line entries are logged to a history file on the system (like .history, .sh_history, .bash_history, etc) the system administrator can determine your master password. Of course, you could delete your history file or disable this feature (HISTSIZE=0), although this is not the default on Unix/Linux systems.
2) If another user on the system looked at the process table (ps) while the passwordmaker program was running, that user would have your master password as it is shown in the table as an argument to the running process.
There may be other issues that include backup software and system monitoring tools. Anyway...
Maybe password maker could prompt the user for the password if "-m -" is entered or if "-m" is entered without an argument.
Something to think about. I love passwordmaker!
Thanks!
J.