secrets module -- secret.keeper?
Will the secrets module offer any building blocks to actually protect a secret? e.g., an easy way to encrypt a file with a given password? an encrypted datastore? a getpass that works even in IDLE? -jJ
Somewhat related, there is a keyring module, the functionality of which I've sometimes wished were part of the stdlib: https://pypi.python.org/pypi/keyring It supports the big three OSs. -Mike On 2015-09-30 10:55, Jim J. Jewett wrote:
Will the secrets module offer any building blocks to actually protect a secret?
e.g.,
an easy way to encrypt a file with a given password? an encrypted datastore? a getpass that works even in IDLE?
-jJ
On 1 October 2015 at 04:13, Mike Miller <python-ideas@mgmiller.net> wrote:
Somewhat related, there is a keyring module, the functionality of which I've sometimes wished were part of the stdlib:
https://pypi.python.org/pypi/keyring
It supports the big three OSs.
We've learned from experience that these kinds of module are better coupled to operating system update cycles than they are to Python language definition update cycles. However, a case could potentially be made for a pip-style bundling arrangement that provides the other benefits of stdlib inclusion (python-dev's technical endorsement, PSF's legal blessing), without incurring the costs (i.e. coupling to the language update cycle for feature additions). Cheers, Nick. -- Nick Coghlan | ncoghlan@gmail.com | Brisbane, Australia
On Wed, Sep 30, 2015 at 01:55:49PM -0400, Jim J. Jewett wrote:
Will the secrets module offer any building blocks to actually protect a secret?
e.g.,
an easy way to encrypt a file with a given password? an encrypted datastore?
I don't know. I think probably not -- they sound a bit too high level, at least for a first version. But if people want to propose functions to do so, they can be considered.
a getpass that works even in IDLE?
I would expect that if getpass doesn't work in IDLE, that's a bug (in IDLE or getpass, I'm not sure :-) -- Steve
On 10/1/2015 1:12 PM, Steven D'Aprano wrote:
On Wed, Sep 30, 2015 at 01:55:49PM -0400, Jim J. Jewett wrote:
Will the secrets module offer any ... a getpass that works even in IDLE?
I would expect that if getpass doesn't work in IDLE, that's a bug (in IDLE or getpass, I'm not sure :-)
Since Jim did not explain the implied 'does not work' I will guess that 'works' means replacing all typed or pasted chars with '*' before they are echoed to the screen. One can do this with tk(inter) and, I presume, any or all gui frameworks in use with Python. Text mode is tricker as system-specific commands are needed, and they may not work when tk (or another gui framework?) has control of the keyboard and screen. -- Terry Jan Reedy
On Wed, Sep 30, 2015 at 10:55 AM, Jim J. Jewett <jimjjewett@gmail.com> wrote:
Will the secrets module offer any building blocks to actually protect a secret?
e.g.,
an easy way to encrypt a file with a given password? an encrypted datastore?
-100 These are *waayyyyy* too complicated and subtle problems to try to handle in the stdlib. We cannot possibly do an acceptably good job here.
a getpass that works even in IDLE?
This sounds like a bug in getpass and/or IDLE that should just be fixed. -n -- Nathaniel J. Smith -- http://vorpus.org
participants (6)
-
Jim J. Jewett -
Mike Miller -
Nathaniel Smith -
Nick Coghlan -
Steven D'Aprano -
Terry Reedy