Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
Re: roadmap 2022 thoughts? (.netrc)
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Morten Kjærulff via curl-users <curl-users_at_lists.haxx.se>
Date: Sun, 9 Jan 2022 14:34:17 +0100
On Sun, Jan 9, 2022 at 12:44 PM Timothe Litt via curl-users wrote:
> that might put entries not used by the current command into the swapfile, in addition to /dev/mem
If that's a risk, wouldn't that be true already today?
And better than having ~/.netrc in plain text?
> At some point you have to use and trust the filesystem's permissions...
If the file is gpg encrypted, I have to trust gpg and my good
passphrase, isn't that true?
> keeping sensitive data on a physically removable device
Yes
> A simpler approach to your scheme is to invoke cURL once per URL
Even if I specify only 1 url, curl will sometimes read the .netrc more
than once.
I am on windows/cygwin and zOS. On zOS I can create a RACF protected
dataset, which I consider much more safe than windows security. The
command to display .netrc could be a ssh into zOS, which displays the
dataset.
/Morten
> On Sat, Jan 8, 2022, 22:25 Daniel Stenberg <daniel_at_haxx.se> wrote:
>>
>> On Fri, 7 Jan 2022, Morten Kjærulff via curl-users wrote:
>>
>> > Read .netrc only once.
>>
>> You mean once per invoke and not once per transfer ?
>>
>> It should certainly be doable but I'm not sure it is worth spending a lot of
>> cycles on it. Home come you think it is an issue in the first place?
>>
>> --
>>
>> / daniel.haxx.se
>> | Commercial curl support up to 24x7 is available!
>> | Private help, bug fixes, support, ports, new features
>> | https://curl.se/support.html
>
>
> --
> Unsubscribe: https://lists.haxx.se/listinfo/curl-users
> Etiquette: https://curl.haxx.se/mail/etiquette.html
Date: Sun, 9 Jan 2022 14:34:17 +0100
On Sun, Jan 9, 2022 at 12:44 PM Timothe Litt via curl-users wrote:
> that might put entries not used by the current command into the swapfile, in addition to /dev/mem
If that's a risk, wouldn't that be true already today?
And better than having ~/.netrc in plain text?
> At some point you have to use and trust the filesystem's permissions...
If the file is gpg encrypted, I have to trust gpg and my good
passphrase, isn't that true?
> keeping sensitive data on a physically removable device
Yes
> A simpler approach to your scheme is to invoke cURL once per URL
Even if I specify only 1 url, curl will sometimes read the .netrc more
than once.
I am on windows/cygwin and zOS. On zOS I can create a RACF protected
dataset, which I consider much more safe than windows security. The
command to display .netrc could be a ssh into zOS, which displays the
dataset.
/Morten
> On Sat, Jan 8, 2022, 22:25 Daniel Stenberg <daniel_at_haxx.se> wrote:
>>
>> On Fri, 7 Jan 2022, Morten Kjærulff via curl-users wrote:
>>
>> > Read .netrc only once.
>>
>> You mean once per invoke and not once per transfer ?
>>
>> It should certainly be doable but I'm not sure it is worth spending a lot of
>> cycles on it. Home come you think it is an issue in the first place?
>>
>> --
>>
>> / daniel.haxx.se
>> | Commercial curl support up to 24x7 is available!
>> | Private help, bug fixes, support, ports, new features
>> | https://curl.se/support.html
>
>
> --
> Unsubscribe: https://lists.haxx.se/listinfo/curl-users
> Etiquette: https://curl.haxx.se/mail/etiquette.html
-- Unsubscribe: https://lists.haxx.se/listinfo/curl-users Etiquette: https://curl.haxx.se/mail/etiquette.htmlReceived on 2022-01-09